Zorp Security Advisory

International
HU

Balabit It Security
Products
Support
Partnership
Downloads
Company
- Mission
- Philosophy
- History
- Policies
- Social responsibility
- Contacts
- Career
News
Search

Support

Nyomtatás Nyomtatás

Zorp Security Advisory

[Oct 2, 2008]	BBSA-2008-044-en.txt (signature)
	clamav: multiple vulnerabilities
[Sep 18, 2008]	BBSA-2008-043-en.txt (signature)
	openssh: Unsafe signal handler
[Aug 28, 2008]	BBSA-2008-042-en.txt (signature)
	libxml2: denial of service
[Aug 26, 2008]	BBSA-2008-041-en.txt (signature)
	libxml2: denial of service
[Aug 21, 2008]	BBSA-2008-040-en.txt (signature)
	postfix: privilege escalation
[Aug 8, 2008]	BBSA-2008-039-en.txt (signature)
	python2.3, python2.4: multiple integer overflows
[Aug 8, 2008]	BBSA-2008-038-en.txt (signature)
	libxslt: Denial of Service
[Jul 30, 2008]	BBSA-2008-037-en.txt (signature)
	fetchmail: Denial of Service
[Jul 30, 2008]	BBSA-2008-036-en.txt (signature)
	python-dns: cache poisoning
[Jul 30, 2008]	BBSA-2008-035-en.txt (signature)
	openldap2.2: slapd Denial of Service
[Jul 25, 2008]	BBSA-2008-034-en.txt (signature)
	bind9: cache poisoning regression
[Jul 10, 2008]	BBSA-2008-033-en.txt (signature)
	bind9: cache poisoning
[Jul 8, 2008]	BBSA-2008-032-en.txt (signature)
	pcre3: heap-overflow
[Jun 27, 2008]	BBSA-2008-031-en.txt (signature)
	clamav: Denial of Service
[Jun 12, 2008]	BBSA-2008-030-en.txt (signature)
	ucd-snmp, net-snmp: incomplete HMAC authentication
[Jun 5, 2008]	BBSA-2008-029-en.txt (signature)
	openssl: multiple vulnerabilites
[Jun 3, 2008]	BBSA-2008-028-en.txt (signature)
	openssl: Denial-of-Service
[Jun 5, 2008]	BBSA-2008-027-en.txt (signature)
	libxslt: buffer overflow
[May 29, 2008]	BBSA-2008-026-en.txt (signature)
	ucd-snmp: buffer overflow
[May 29, 2008]	BBSA-2008-025-en.txt (signature)
	mtr, mtr-tiny: buffer overflow
[May 21, 2008]	BBSA-2008-021-en.txt (signature)
	net-snmp: buffer overflow
[May 21, 2008]	BBSA-2008-022-en.txt (signature)
	gnutls11: multiple vulnerabilities
[May 22, 2008]	BBSA-2008-024-en.txt (signature)
	openssh: added check for weak keys
[May 22, 2008]	BBSA-2008-023-en.txt (signature)
	Sun Fire X2100/X2200 M2 Servers ELOM Software: Arbitrary command execution
[May 22, 2008]	BBSA-2008-023-en.txt (signature)
	Sun Fire X2100/X2200 M2 Servers ELOM Software: Arbitrary command execution
[May 14, 2008]	BBSA-2008-020-en.txt (signature)
	openssl: predictable random number generator
[Apr 29, 2008]	BBSA-2008-019-en.txt (signature)
	perl: heap buffer overflow
[Apr 23, 2008]	BBSA-2008-017-en.txt (signature)
	clamav: multiple vulnerabilities
[Apr 23, 2008]	BBSA-2008-016-en.txt (signature)
	python2.3, python2.4: multiple vulnerabilities
[Apr 9, 2008]	BBSA-2008-016-en.txt (signature)
	kernel-image-2.6.17-zorpos-3-, kernel-headers-2.6.17-zorpos-3-: Several critical bugs
[Apr 3, 2008]	BBSA-2008-014-en.txt (signature)
	bzip2: Denial of Service
[Apr 3, 2008]	BBSA-2008-015-en.txt (signature)
	openssh: connection hijacking
[Mar 18, 2008]	BBSA-2008-009-en.txt (signature)
	python2.3, python2.4: multiple vulnerabilities
[Mar 18, 2008]	BBSA-2008-010-en.txt (signature)
	libnet-dns-perl: multiple vulnerabilities
[Mar 18, 2008]	BBSA-2008-011-en.txt (signature)
	e2fsprogs: Multiple integer overflows
[Mar 18, 2008]	BBSA-2008-012-en.txt (signature)
	unzip: possible arbitrary code execution
[Feb 25, 2008]	BBSA-2008-008-en.txt (signature)
	pcre3: buffer overflow
[Feb 25, 2008]	BBSA-2008-007-en.txt (signature)
	net-snmp: design error
[Feb 25, 2008]	BBSA-2008-006-en.txt (signature)
	postgresql: multiple vulnerabilities
[Feb 25, 2008]	BBSA-2008-005-en.txt (signature)
	libxml2: missing input validation
[Feb 25, 2008]	BBSA-2008-004-en.txt (signature)
	clamav: multiple vulnerabilities
[Jan 8, 2008]	BBSA-2008-003-en.txt (signature)
	clamav: multiple vulnerabilities
[Jan 8, 2008]	BBSA-2007-002-en.txt (signature)
	tar: Stack based buffer overflow
[Nov 15, 2007]	ZSA-2007-028-en.txt (signature)
	pcre3: memory overflow
[Nov 15, 2007]	ZSA-2007-027-en.txt (signature)
	pcre3: several
[Nov 15, 2007]	ZSA-2007-026-en.txt (signature)
	perl: heap overflow
[Oct 30, 2007]	ZSA-2007-025-en.txt (signature)
	openssl: remote code execution
[Oct 30, 2007]	ZSA-2007-24-en.txt (signature)
	util-linux: privilege escalation
[Oct 1, 2007]	ZSA-2007-023-en.txt (signature)
	openssl: Buffer overflow
[Sep 14, 2007]	ZSA-2007-022-en.txt (signature)
	fetchmail: Crash when warning messages are rejected
[Aug 29, 2007]	ZSA-2007-021-en.txt (signature)
	vim: arbitrary code execution
[27 Augh 2007]	ZSA-2007-019-en.txt (signature)
	tar: directory traversal vulnerability
[Aug 27, 2007]	ZSA-2007-018-en.txt (signature)
	clamav: Multiple vulnerabilities
[Aug 27, 2007]	ZSA-2007-020-en.txt (signature)
	rsync: arbitrary code execution
[Aug 16, 2007]	ZSA-2007-017-en.txt (signature)
	openssl: private key retrieval
[Aug 13, 2007]	ZSA-2007-016-en.txt (signature)
	file: Integer overflow in the "file" program.
[Aug 3, 2007]	ZSA-2007-015-en.txt (signature)
	tcpdump: tcpdump vulnerability
[Jul 31, 2007]	ZSA-2007-013-en.txt (signature)
	bind9: predictable query ID generation
[Jul 31, 2007]	ZSA-2007-011-en.txt (signature)
	fetchmail: Password disclosure
[Jul 31, 2007]	ZSA-2007-012-en.txt (signature)
	libnet-dns-perl: multiple vulnerabilities
[Jul 31, 2007]	ZSA-2007-014-en.txt (signature)
	clamav: multiple vulnerabilities
[Feb 26, 2007]	ZSA-2007-009-en.txt (signature)
	clamav: multiple vulnerabilities
[Feb 13, 2007]	ZSA-2007-008-en.txt (signature)
	postgresql: multiple vulnerabilities.
[Feb 5, 2007]	ZSA-2007-006-en.txt (signature)
	bind9: Denial of service
[Feb 1, 2007]	ZSA-2007-005-en.txt (signature)
	bind9: Denial of service
[Jan 26, 2007]	ZSA-2007-005-en.txt (signature)
	kernel-image-2.4.25, kernel-image-2.4.28, kernel-image-2.4.32: DoS attack, local privilege escalation
[Jan 24, 2007]	ZSA-2007-004-en.txt (signature)
	openldap2.2: Multiple vulnerabilities
[Jan 25, 2007]	ZSA-2007-002-en.txt (signature)
	wget: application crash
[Jan 17, 2007]	ZSA-2007-001-en.txt (signature)
	fetchmail: TLS enforcement failure
[Dec 14, 2006]	ZSA-2006-022-en.txt (signature)
	clamav: Multiple vulnerabilites in MIME handling.
[Oct 6, 2006]	ZSA-2006-021-en.txt (signature)
	python2.3, python2.4: Remote code execution
[Oct 6, 2006]	ZSA-2006-020-en.txt (signature)
	openssl: Denial of Service
[Oct 6, 2006]	ZSA-2006-019-en.txt (signature)
	openssh: Denial of Service attacks
[Oct 2, 2006]	ZSA-2006-018-en.txt (signature)
	openssl: Multiple DoS attacks
[Sep 15, 2006]	ZSA-2006-017-en.txt (signature)
	bind9: Denial Of Service attacks
[Sep 7, 2006]	ZSA-2006-016-en.txt (signature)
	openssl: RSA Signature Forgery
[Aug 11, 2006]	ZSA-2006-015-en.txt (signature)
	clamav: Denial of Service
[Aug 11, 2006]	ZSA-2006-014-en.txt (signature)
	krb5: privilege escalation
[Aug 4, 2006]	ZSA-2006-013-en.txt (signature)
	heartbeat: permission error
[Aug 4, 2006]	ZSA-2006-012-en.txt (signature)
	kernel-image-2.4.25, kernel-image-2.4.28, kernel-image-2.4.32, kernel-image-2.6.12: DoS attack, local privilege escalation
[Jul 26, 2006]	ZSA-2006-011-en.txt (signature)
	libnet-server-perl: format string vulnerability
[Jul 12, 2006]	ZSA-2006-010-en.txt (signature)
	ppp: Privilege escalation
[Jul 12, 2006]	ZSA-2006-009-en.txt (signature)
	shadow: Privilege escalation
[Jun 2, 2006]	ZSA-2006-008-en.txt (signature)
	postgresql: SQL injection
[May 31, 2006]	ZSA-2006-006-en.txt (signature)
	lynx: Denial of Service
[May 31, 2006]	ZSA-2006-007-en.txt (signature)
	openldap2, openldap2.2: Buffer overflow
[May 12, 2006]	ZSA-2006-006-en.txt (signature)
	kernel-image-2.4.25, kernel-image-2.4.28, kernel-image-2.4.32, kernel-image-2.6.12: DoS attack, local privilege escalation
[May 5, 2006]	ZSA-2006-005-en.txt (signature)
	clamav: Buffer overflow in Freshclam
[Apr 26, 2006]	ZSA-2006-004-en.txt (signature)
	cyrus-sasl2: Denial of Service
[Apr 11, 2006]	ZSA-2006-003-en.txt (signature)
	clamav: Multiple vulnerabilities
[Jan 27, 2006]	ZSA-2006-002-en.txt (signature)
	sudo: missing input sanitizing
[Jan 16, 2006]	ZSA-2006-001-en.txt (signature)
	kernel-image-2.4.25, kernel-image-2.4.28: DoS attack, local privilege escalation
[Jan 3, 2006]	ZSA-2005-035-en.txt (signature)
	sudo: missing input sanitizing
[Dec 9, 2005]	ZSA-2005-034-en.txt (signature)
	perl: Integer overflow in the format string function
[Nov 25, 2005]	ZSA-2005-033-en.txt (signature)
	ucd-snmp: Possible DoS attack
[Nov 25, 2005]	ZSA-2005-032-en.txt (signature)
	gtk+2.0: Multiple remote vulnerabilities
[Nov 9, 2005]	ZSA-2005-031-en.txt (signature)
	openvpn: Multiple remote vulnerabilites
[Nov 7, 2005]	ZSA-2005-030-en.txt (signature)
	openssl: cytographic weakness
[Nov 4, 2005]	ZSA-2005-029-en.txt (signature)
	tcpdump: DoS attack using specially crafted BGP packet
[Oct 27, 2005]	ZSA-2005-028-en.txt (signature)
	sudo: missing input sanitizing
22 September 2005	ZSA-2005-027-en.txt (signature)
	util-linux: Privilege escalation using umount
19 September 2005	ZSA-2005-026-en.txt (signature)
	libvbengine4: New database format
16 September 2005	ZSA-2005-025-en.txt (signature)
	python2.1: Possible integer overflow in the PCRE module
16 September 2005	ZSA-2005-024-en.txt (signature)
	pcre3: Possible integer overflows can lead to malicious program execution
16 September 2005	ZSA-2005-023-en.txt (signature)
	python2.3: Possible integer overflow in the PCRE module
[Aug 29, 2005]	ZSA-2005-022-en.txt (ZSA-2005-022-en.txt.asc)
	openvpn: multiple DoS vulnerabilities
[Aug 4, 2005]	ZSA-2005-021-en.txt (ZSA-2005-021-en.txt.asc)
	libvbengine4: failed to reload database
[Jul 25, 2005]	ZSA-2005-020-en.txt (ZSA-2005-020-en.txt.asc)
	heartbeat: insecure temporary files
[Jul 15, 2005]	ZSA-2005-019-en.txt (ZSA-2005-019-en.txt.asc)
	krb5: DoS, arbitrary program execution
[Jul 15, 2005]	ZSA-2005-018-en.txt (ZSA-2005-018-en.txt.asc)
	gzip: race condition, path traversal problem
[Jul 15, 2005]	ZSA-2005-017-en.txt (ZSA-2005-017-en.txt.asc)
	bzip2: infinite loop
[Jun 24, 2005]	ZSA-2005-016-en.txt (ZSA-2005-016-en.txt.asc)
	sudo: arbitrary program execution
[Jun 8, 2005]	ZSA-2005-015-en.txt (ZSA-2005-015-en.txt.asc)
	vim: arbitrary program execution
[Jun 8, 2005]	ZSA-2005-014-en.txt (ZSA-2005-014-en.txt.asc)
	bzip2: race condition
[Jun 8, 2005]	ZSA-2005-013-en.txt (ZSA-2005-013-en.txt.asc)
	dhcp: arbitrary code execution
[Apr 15, 2005]	ZSA-2005-012-en.txt (ZSA-2005-012-en.txt.asc)
	kernel: possible privilege escalation
[Mar 30, 2005]	ZSA-2005-011-en.txt (ZSA-2005-011-en.txt.asc)
	krb5: remote code execution
[Mar 30, 2005]	ZSA-2005-010-en.txt (ZSA-2005-010-en.txt.asc)
	netkit-telnet: remote code execution
[Mar 24, 2005]	ZSA-2005-009-en.txt (ZSA-2005-009-en.txt.asc)
	perl: possible privilege escalation
[Feb 18, 2005]	ZSA-2005-008-en.txt (ZSA-2005-008-en.txt.asc)
	postgresql: PL/PgSQL buffer overflows
[Feb 18, 2005]	ZSA-2005-007-en.txt (ZSA-2005-007-en.txt.asc)
	python2.3: remote code execution through the RPC module
[Feb 08, 2005]	ZSA-2005-006-en.txt (ZSA-2005-006-en.txt.asc)
	postgresql: privilege escalation
[Feb 07, 2005]	ZSA-2005-005-en.txt (ZSA-2005-005-en.txt.asc)
	cpio: broken file permissions
[Jan 31, 2005]	ZSA-2005-004-en.txt (ZSA-2005-004-en.txt.asc)
	kernel local DoS attack, local root exploit
[Jan 13, 2005]	ZSA-2005-003-en.txt (ZSA-2005-003-en.txt.asc)
	glibc insecure temporary files
[Jan 13, 2005]	ZSA-2005-002-en.txt (ZSA-2005-002-en.txt.asc)
	krb5 buffer overflow
[Jan 04, 2005]	ZSA-2005-001-en.txt (ZSA-2005-001-en.txt.asc)
	perl insecure temporary files/ directories
[Nov 17, 2004]	ZSA-2004-020-en.txt (ZSA-2004-020-en.txt.asc)
[Nov 09, 2004]	ZSA-2004-019-en.txt (ZSA-2004-019-en.txt.asc)
[Nov 09, 2004]	ZSA-2004-018-en.txt (ZSA-2004-018-en.txt.asc)
[Nov 09, 2004]	ZSA-2004-017-en.txt (ZSA-2004-017-en.txt.asc)
[Nov 04, 2004]	ZSA-2004-016-en.txt (ZSA-2004-016-en.txt.asc)
[Nov 03, 2004]	ZSA-2004-015-en.txt (ZSA-2004-015-en.txt.asc)
[Oct 26, 2004]	ZSA-2004-013-en.txt (ZSA-2004-013-en.txt.asc)
[Oct 15, 2004]	ZSA-2004-012-en.txt (ZSA-2004-012-en.txt.asc)
[Sep 17, 2004]	ZSA-2004-011-en.txt (ZSA-2004-011-en.txt.asc)
[Sep 2, 2004]	ZSA-2004-010-en.txt (ZSA-2004-010-en.txt.asc)
[Sep 1, 2004]	ZSA-2004-009-en.txt (ZSA-2004-009-en.txt.asc)
[Aug 12, 2004]	ZSA-2004-008-en.txt (ZSA-2004-008-en.txt.asc)
[Aug 11, 2004]	ZSA-2004-007-en.txt (ZSA-2004-007-en.txt.asc)
[Aug 11, 2004]	ZSA-2004-006-en.txt (ZSA-2004-006-en.txt.asc)
[June 25, 2003]	ZSA-2003-008-en.txt (ZSA-2003-008-en.txt.asc)
[May 5, 2003]	ZSA-2003-007-en.txt (ZSA-2003-007-en.txt.asc)
[September 27, 2002]	ZSA-2002-014-en.txt (ZSA-2002-014-en.txt.asc)

Further security advisories are available in Hungarian only.

BalaBit IT Security
Address: Budapest, BĂĄrtfai str. 54. H-1115, Hungary
Phone: +36 1 371 0540
Fax: +36 1 208 0875

Support

Related pages