image
image

 Home News Alerts Trends Statistics Research Services Incident Reporting Training/Events Links Careers Contact About



THIS IS THE ARCHIVED ALERTS PAGE FOR 2006


________________

Alerts and Updates:
Adobe
Apple
Borderware
Cisco Systems
GnuPG
Microsoft
Mozilla
OpenOffice
Opera
PGP
Redhat
Snort
Sun
Wireshark

IPS/IDS Signature Updates:
Cisco
Snort

Note: The majority of links on this page are to external websites. ________________

Alerts and Updates (Archives) for 2006


NZCERT uses the following colour codings to classify these alerts and updates:

Critical
Important
Moderate
Low
Unassigned or classification not available

Note: Where Vendors use the Common Vulnerability Scoring System (CVSS), NZCERT uses the CVSS Temporal Score to classify the vulnerability using the above categories. If multiple CVSS scores are provided under the same security alert, this classification is based on the highest CVSS Temporal Score. More information on CVSS can be found here.



Adobe
Adobe: Update for buffer overflow in Adobe Download Manager05Dec06
Adobe: Update for potential vulnerabilities in Reader and Acrobat705Dec06

Apple
Apple: Mac OS X 10.4.8 Security Update 2006-008 19Dec06
Apple: Mac OS X 10.3.9, Mac OS X 10.4.8 Security Update 2006-007 28Nov06
Apple: Apple Remote Desktop 3.116Nov06
Apple: Xcode Tools 2.4.1 Mac OS X 10.4 or later31Sep06
Apple: Mac OS X 10.4.8 and Security Update 2006-00629Sep06
Apple: AirPort Update 2006-001 and Security Update 2006-00521Sep06
Apple: QuickTime 7.1.312Sep06

Borderware
Borderware: Security Patch fs73s02 (requires support contract)20Oct06
Borderware: Security Patch fs73s01 (requires support contract)13Sep06

Cisco Systems
Cisco: Multiple Vulnerabilities in Cisco Secure Desktop08Nov06
Cisco: CSA Management Center LDAP Administrator Authentication Bypass01Nov06
Cisco: CSA for Linux Port Scan Denial of Service25Oct06
Cisco: Default Password in Wireless Location Appliance12Oct06
Cisco: Limitations in Cisco Secure Desktop06Oct06
Cisco: Access Point Web-browser Interface Vulnerability Updated20Sep06
Cisco: DOCSIS RW Community String Enabled in Non-DOCSIS Platforms20Sep06

GnuPG
GnuPG: remotely controllable function pointer 06Dec06

Microsoft
Microsoft: Security Bulletin for December 2006 (3 updates Critical)12Dec06
Microsoft: Vulnerability in MS Word Could Allow Remote Code Execution06Dec06
Microsoft: Exploit Code Affecting the Workstation Service on Win2K16Nov06
Microsoft: Security Bulletin for November 2006 (5 updates Critical)14Nov06
Microsoft: Security Bulletin for October 2006 (6 updates Critical)11Oct06

Mozilla
Mozilla: XSS using outer window's Function object19Dec06
Mozilla: RSS Feed-preview referrer leak19Dec06
Mozilla: Mail header processing heap overflows19Dec06
Mozilla: Mozilla SVG Processing Remote Code Execution19Dec06
Mozilla: XSS by setting img.src to javascript: URI19Dec06
Mozilla: LiveConnect crash finalizing JS objects19Dec06
Mozilla: Privilege escallation using watch point19Dec06
Mozilla: CSS cursor image buffer overflow (Windows only)19Dec06
Mozilla: Crashes with evidence of memory corruption (rv:1.8.0.9/1.8.1.1)19Dec06
Mozilla: Running Script can be recompiled07Nov06
Mozilla: RSA Signature Forgery07Nov06
Mozilla: Crashes with evidence of memory corruption07Nov06

OpenOffice

Opera Software

PGP Corporation

Redhat
Red Hat: tar security update19Dec06
Red Hat: firefox security update19Dec06
Red Hat: seamonkey security update19Dec06
Red Hat: thunderbird security update19Dec06
Red Hat: mod_auth_kerb security update06Dec06
Red Hat: gnupg security update06Dec06
Red Hat: nss_ldap security update15Nov06
Red Hat: openssh security update15Nov06
Red Hat: elinks security update15Nov06
Red Hat: wireshark security update09Nov06
Red Hat: texinfo security update08Nov06
Red Hat: ruby security update08Nov06
Red Hat: firefox security update08Nov06
Red Hat: seamonkey security update08Nov06
Red Hat: thunderbird security update08Nov06
Red Hat: php security update06Nov06
Red Hat: qt security update01Nov06

Snort

Sun
Java Runtime Environment Untrusted Applets Privilege Elevation19Dec07

Wireshark
Wireshark: Multiple problems in Wireshark versions 0.9.8 to 0.99.331Oct06

IPS / IDS Signature Updates (Archives)

Cisco: IDS Update Bulletin 19 Dec 2006 (S263) (requires support contract)19Dec06
Cisco: IDS Update Bulletin 15 Dec 2006 (S262) (requires support contract)15Dec06
Cisco: IDS Update Bulletin 13 Dec 2006 (S261) (requires support contract)13Dec06
Cisco: IDS Update Bulletin 30 Nov 2006 (S260) (requires support contract)30Nov06

Snort
Snort: VRT Rule new rules category for "specific threats"15Dec06
Snort: VRT Rule for MS06-073, 074, 076, 077 and 07812Dec06
Snort: VRT Rule for MS06-068, MS03-026 and 3COM TFTP CVE-2006-618307Dec06
Snort: VRT Rule for MS06-066 and WinZip ActiveX CVE-2006-519816Nov06




 Home News Alerts Trends Statistics Research Services Incident Reporting Training/Events Links Careers Contact About
image
image
 ©Copyright 2007 NZCERT All Rights Reserved
For more information feel free to contact us
image