[SECURITY-L] Vulnerabilidades de Seguranca

CSIRT - UNICAMP security em unicamp.br
Seg Jun 19 16:32:36 -03 2006 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Srs. Assinantes,

Atualizamos o site do CSIRT (Computer Security Incident Response Team) da Unicamp
com os seguintes boletins de vulnerabilidades:


CAIS-Alerta:
============
14/06/2006 - CAIS-alerta
Assunto: Vulnerabilidade na Autenticacao Mutua do RPC no Microsoft Windows 
http://www.security.unicamp.br/docs/bugs/2006/06/v095.txt

14/06/2006 - CAIS-alerta
Assunto: Vulnerabilidade no Microsoft PowerPoint 
http://www.security.unicamp.br/docs/bugs/2006/06/v094.txt

14/06/2006 - CAIS-alerta
Assunto: Vulnerabilidade no Windows Media Player 
http://www.security.unicamp.br/docs/bugs/2006/06/v088.txt

14/06/2006 - CAIS-Alerta
Assunto: Vulnerabilidade no Microsoft Word 
http://www.security.unicamp.br/docs/bugs/2006/06/v088.txt

14/06/2006 - CAIS-Alerta
Assunto: Vulnerabilidade no Microsoft Exchange Server OWA 
http://www.security.unicamp.br/docs/bugs/2006/06/v087.txt

14/06/2006 - CAIS-Alerta
Assunto: Vulnerabilidade no Microsoft JScript 
http://www.security.unicamp.br/docs/bugs/2006/06/v084.txt

14/06/2006 - CAIS-Alerta
Assunto: Vulnerabilidade no mecanismo de processamento de elementos graficos do Windows 
http://www.security.unicamp.br/docs/bugs/2006/06/v082.txt

14/06/2006 - CAIS-Alerta
Assunto: Vulnerabilidade no Server Message Block 
http://www.security.unicamp.br/docs/bugs/2006/06/v081.txt

14/06/2006 - CAIS-Alerta
Assunto: Vulnerabilidade no TCP/IP do Microsoft Windows
http://www.security.unicamp.br/docs/bugs/2006/06/v080.txt 

14/06/2006 - CAIS-Alerta
Assunto: Vulnerabilidade no processamento de imagem do Microsoft Windows 
http://www.security.unicamp.br/docs/bugs/2006/06/v076.txt

14/06/2006 - CAIS-Alerta
Assunto: Atualizacoes de seguranca para o Internet Explorer 
http://www.security.unicamp.br/docs/bugs/2006/06/v075.txt

Debian Security Advisory:
=========================
15/06/2006 - DSA 1100-1 
Assunto: wv2 
http://www.security.unicamp.br/docs/bugs/2006/06/v099.txt

14/06/2006 - DSA 1099-1 
Assunto: horde2 
http://www.security.unicamp.br/docs/bugs/2006/06/v092.txt

14/06/2006 - DSA 1098-1 
Assunto: horde3 
http://www.security.unicamp.br/docs/bugs/2006/06/v085.txt

14/06/2006 - DSA 1097-1 
Assunto: kernel-source-2.4.27 
http://www.security.unicamp.br/docs/bugs/2006/06/v078.txt

FreeBSD Security Advisory:
==========================
14/06/2006 - FreeBSD Security Advisory FreeBSD-SA-06:17
Assunto: sendmail
http://www.security.unicamp.br/docs/bugs/2006/06/v093.txt

Gentoo Linux Security Advisory:
===============================
19/06/2006 - GLSA 200606-21 
Assunto: Mozilla Thunderbird: Multiple vulnerabilities 
http://www.security.unicamp.br/docs/bugs/2006/06/v113.txt

15/06/2006 - GLSA 200606-19 
Assunto: Sendmail: Denial of Service 
http://www.security.unicamp.br/docs/bugs/2006/06/v103.txt

15/06/2006 - GLSA 200606-18 
Assunto: PAM-MySQL: Multiple vulnerability 
http://www.security.unicamp.br/docs/bugs/2006/06/v101.txt

15/06/2006 - GLSA 200606-17
Assunto: OpenLDAP: Buffer overflow 
http://www.security.unicamp.br/docs/bugs/2006/06/v102.txt

14/06/2006 - GLSA 200606-16 
Assunto: DokuWiki: PHP code injection 
http://www.security.unicamp.br/docs/bugs/2006/06/v074.txt

14/06/2006 - GLSA 200606-15 
Assunto: Asterisk: IAX2 video frame buffer overflow 
http://www.security.unicamp.br/docs/bugs/2006/06/v077.txt

HP Security Bulletin:
=====================
19/06/2006 - HPSBTU02116 SSRT061135 rev.2 
Assunto: HP Tru64 UNIX and HP Internet Express for Tru64 UNIX Running sendmail, Remote Execution of Arbitrary Code or Denial of Service (DoS) 
http://www.security.unicamp.br/docs/bugs/2006/06/v112.txt

16/06/2006 - HPSBUX02115 SSRT061077 rev.1 
Assunto: HP-UX running Support Tools Manager (xstm, cstm, stm)Local Denial of Service (DoS) 
http://www.security.unicamp.br/docs/bugs/2006/06/v106.txt

KDE Security Advisories:
========================
14/06/2006 
Assunto: KDM symlink attack vulnerability
http://www.security.unicamp.br/docs/bugs/2006/03/v079.txt

Mandriva Linux Security Update Advisory:
========================================
15/06/2006 - MDKSA-2006:106 
Assunto: mdkkdm 
http://www.security.unicamp.br/docs/bugs/2006/06/v108.txt

15/06/2006 - MDKSA-2006:105 
Assunto: kdebase 
http://www.security.unicamp.br/docs/bugs/2006/06/v107.txt

15/06/2006 - MDKSA-2006:104 
Assunto: sendmail 
http://www.security.unicamp.br/docs/bugs/2006/06/v098.txt

14/06/2006 - MDKSA-2006:103 
Assunto: spamassassin 
http://www.security.unicamp.br/docs/bugs/2006/06/v089.txt

14/06/2006 - MDKSA-2006:102 
Assunto: libtiff 
http://www.security.unicamp.br/docs/bugs/2006/06/v086.txt

13/06/2006 - MDKSA-2006:1000 
Assunto: gdm 
http://www.security.unicamp.br/docs/bugs/2006/06/v073.txt

13/06/2006 - MDKSA-2006:099-1 
Assunto: Freetype2 
http://www.security.unicamp.br/docs/bugs/2006/06/v072.txt

Microsoft Security Bulletins:
=============================
13/06/2006 
Assunto: Microsoft Security Bulletin Re-Release 
http://www.security.unicamp.br/docs/bugs/2006/06/v111.txt

13/06/2006 
Assunto: Microsoft Security Bulletin Summary for June 2006
http://www.security.unicamp.br/docs/bugs/2006/06/v110.txt

Slackware Security Advisory:
============================
15/06/2006 - SSA:2006-166-01 
Assunto: sendmail 
http://www.security.unicamp.br/docs/bugs/2006/06/v097.txt

Trustix Secure Linux Security Advisory:
=======================================
16/06/2006 - #2006-0036 
Assunto: fcron, libtiff 
http://www.security.unicamp.br/docs/bugs/2006/06/v104.txt

Ubuntu Security Notice:
=======================
16/06/2006 - USN-303-1 
Assunto: mysql-dfsg-4.1, mysql-dfsg-5.0 vulnerability 
http://www.security.unicamp.br/docs/bugs/2006/06/v105.txt

15/06/2006 - USN-297-2 
Assunto: mozilla-thunderbird, thunderbird-quickfile updates 
http://www.security.unicamp.br/docs/bugs/2006/06/v100.txt

14/06/2006 - USN-301-1 
Assunto: kdebase vulnerability 
http://www.security.unicamp.br/docs/bugs/2006/06/v091.txt

14/06/2006 - USN-300-1 
Assunto: wv2 vulnerability 
http://www.security.unicamp.br/docs/bugs/2006/06/v096.txt

13/06/2006 - USN-299-1 
Assunto: dhcdbd vulnerability 
http://www.security.unicamp.br/docs/bugs/2006/06/v071.txt

13/06/2006 - USN-298-1 
Assunto: libgd2 vulnerability 
http://www.security.unicamp.br/docs/bugs/2006/06/v070.txt

13/06/2006 - USN-288-4
Assunto: dovecot regression 
http://www.security.unicamp.br/docs/bugs/2006/06/v069.txt

13/06/2006 - USN-297-1 
Assunto: mozilla-thunderbird vulnerabilities 
http://www.security.unicamp.br/docs/bugs/2006/06/v068.txt

US-CERT Technical Cyber Security Alert:
=======================================
16/06/2006 - TA06-167A 
Assunto: Microsoft Excel Vulnerability 
http://www.security.unicamp.br/docs/bugs/2006/06/v109.txt

- --
Computer Security Incident Response Team - CSIRT
Universidade Estadual de Campinas - UNICAMP
mailto:security at unicamp.br
http://www.security.unicamp.br
GnuPG Public Key: http://www.security.unicamp.br/security.asc

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (FreeBSD)

iD8DBQFElvuT/UMb1l3gm8IRAqwbAJ9WUU5S1WSJ5yy/pBSJ4tyA2oV3JQCgitgC
pzFm8DyCD5UeKfqpcsdBe54=
=2+Im
-----END PGP SIGNATURE-----

Mais detalhes sobre a lista de discussão SECURITY-L