=========================================================================== S-index CERT-NL =========================================================================== Security Advisories Updated: 14-sep-99 =========================================================================== S-92-01 - NeXTstep Configuration Vulnerability Date : 20-Jan-92 S-92-02 - Michelangelo PC Virus Warning Date : 06-Feb-92 S-92-03 - Internet Intruder Activity Date : 17-Feb-92 S-92-04 - AT&T /usr/etc/rexecd Vulnerability Date : 25-Feb-92 S-92-05 - AIX REXD Daemon Vulnerability Date : 05-Mar-92 S-92-06 - AIX uucp Vulnerability Date : 19-Mar-92 S-92-07 - AIX /bin/passwd Vulnerability Date : 31-Mar-92 S-92-08 - Silicon Graphics Computer Systems "IRIX" lpr Vulnerability Date : 10-Apr-92 S-92-09 - AIX Anonymous FTP Vulnerability Date : 27-Apr-92 S-92-10 - AIX crontab Vulnerability Date : 26-May-92 S-92-11 - SunOS Environment Variables and setuid/setgid Vulnerability Date : 27-May-92 S-92-12 - Revised Patch for SunOS /usr/etc/rpc.mountd Vulnerability Date : 28-May-92 S-92-13 - SunOS NIS Vulnerability Date : 04-Jun-92 S-92-14 - Altered System Binaries Incident Date : 22-Jun-92 S-92-15 - Multiple SunOS Vulnerabilities Patched Date : 21-Jul-92 S-92-16 - Potential Security Vulnerability Identifie in Monitor (VMS) Date : 25-Aug-92 S-92-17 - Novell Access Rights Vulnerability Date : 23-Sep-92 S-92-18 - VMS Monitor V5.3 through V5.4-2 Date : 22-Oct-92 S-92-19 - VMS Monitor V5.0 through V5.4-2 Date : 03-Nov-92 S-92-20 - Sun Security Bulletin #00118 Date : 17-Nov-92 S-92-21 - HP NIS Vulnerability Advisory Date : 24-Nov-92 S-92-22 - Destructive CHKDSK bug in some DOS versions Date : 10-Dec-92 S-92-23 - Additional info concerning DOS CHKDSK bug Date : 11-Dec-92 S-92-24 - Cisco Access List Vulnerability Date : 11-Dec-92 S-92-25 - ConvexOS & ConvexOS/Secure Vulnerabilities Date : 17-Dec-92 S-93-01 - HP NIS Vulnerability Advisory(REVISED) Date : 18-Jan-93 S-93-02 - Macintosh "Hermes Optimizer 1.1" problem Date : 05-Jan-93 S-93-03 - Virus in file ypcbr101.zip on Simtel Date : 11-Jan-93 S-93-04 - NeXT NetInfo "_writers" Vulnerabilities Date : 22-Jan-93 S-93-05 - SunOS File/Directory Permissions Date : 05-Feb-93 S-93-06 - Calender Manager Russell Inform. Sciences (VMS) Date : 10-Feb-93 S-93-07 - VAX/VMS failure to disable user accounts Date : 13-Feb-93 S-93-08 - Commodore Amiga UNIX finger Vulnerability Date : 19-Feb-93 S-93-09 - VMS security advisory (update 3) Date : 09-Mar-93 S-93-10 - Sun Security Patches and Software Updates Date : 24-Mar-93 S-93-11 - wuarchive ftpd Vulnerability Date : 11-Apr-93 S-93-12 - Cisco Router Packet Handling Vulnerability Date : 23-Apr-93 S-93-13 - SunOS/Solaris "expreserve" Vulnerability Date : 02-Jul-93 S-93-14 - Anonymous FTP Activity Date : 29-Jul-93 S-93-15 - SCO /bin/passwd Vulnerability Date : 05-Aug-93 S-93-16 - UMN UNIX gopher and gopher+ Vulnerabilities Date : 09-Aug-93 S-93-17 - Vulnerabilities in VM/CMS and VM/CMS ESA Date : 31-Aug-93 S-93-18 - Netware 4.x LOGIN.EXE vulnerability Date : 16-Sep-93 S-93-19 - SCO Home Directory Vulnerability Date : 17-Sep-93 S-93-20 - Internet Security Scanner Date : 01-Oct-93 S-93-21 - /usr/lib/sendmail, /bin/tar, /dev/audio vulnerabilities Date : 22-Oct-93 S-93-22 - SGI IRIX configuration vulnerabilities Date : 25-Oct-93 S-93-23 - Sendmail vulnerability Date : 05-Nov-93 S-93-24 - Xterm Loging vulnerability Date : 15-Nov-93 S-93-25 - SunOS/Solbourne loadmodule and modload Vulnerability Date : 16-Dec-93 S-93-26 - Solaris system startup vulnerability Date : 20-Dec-93 S-93-27 - Sun SECURITY BULLETIN: new patches Date : 24-Dec-93 S-94-01 - Superseded by S-94-18 Date : ......... S-94-01.APPENDIX - Superseded by S-94-18.APPENDIX Date : ......... S-94-02 - Ongoing Network Monitoring Attacks Date : 04-Feb-94 S-94-03 - Revised patch for SunOS /usr/etc/rpc.mountd Date : 15-Feb-94 S-94-04 - IBM AIX Performance Tools Vulnerabilities Date : 25-Feb-94 S-94-05 - AIX/ESA v2.2 mail queue spooling directory Date : 28-Feb-94 S-94-06 - SunOS /usr/ucb/rdist Vulnerability (plus rdist addendum for non-SunOS systems) Date : 18-Mar-94 S-94-07 - Writable /etc/utmp Vulnerability Date : 01-Apr-94 S-94-08 - wuarchive ftpd Trojan Horse Date : 07-Apr-94 S-94-09 - MD5 Checksums Date : 08-Apr-94 S-94-10 - ftpd Vulnerabilities Date : 15-Apr-94 S-94-11 - Security Vulnerability in HP Vue 3.0 Date : 22-Apr-94 S-94-12 - SUN Solaris 2.3 "automountd" vulnerability Date : 11-May-94 S-94-13 - Vulnerability in HP/UX /etc/subnetconfig Date : 17-May-94 S-94-14 - Ultrix and OSF/1 Security Enhanced Kit Date : 18-May-94 S-94-15 - Vulnerability in IBM and Linux /bin/login Date : 24-May-94 S-94-16 - IBM AIX bsh Vulnerability Date : 07-Jun-94 S-94-17 - Majordomo Vulnerabilities Date : 10-Jun-94 S-94-18 - Sendmail Vulnerabilities Date : 15-Jul-94 S-94-18.APPENDIX - Addendum to Sendmail Vulnerabilities Date : 15-Jul-94 S-94-19 - SGI IRIX Help Vulnerability Date : 12-Aug-94 S-94-20 - SGI IRIX V4 serial_ports vulnerability Date : 04-Oct-94 S-94-21 - Trojan Horse in IRC Client for UNIX Date : 21-Oct-94 S-94-22 - DECnet/OSI vulnerabilities Date : 05-Dec-94 S-94-23 - NFS Vulnerabilities Date : 20-Dec-94 S-94-24 - DEC ULTRIX and OSF/1 vulnerabilities Date : 23-Dec-94 S-95-01 - TS1423 virus (DOS) Date : 13-Jan-95 S-95-02 - New and Revised HP Bulletins Date : 20-Jan-95 S-95-03 - Summary of security related HP patches Date : 20-Jan-95 S-95-04 - IP spoofing attacks and hijacked term. conn. Date : 23-Jan-95 S-95-05 - /bin/mail vulnerabilities Date : 30-Jan-95 S-95-05.APPENDIX - /bin/mail vulnerabilities Date : 30-Jan-95 S-95-06 - Kerberos/Telnet Encryption Vulnerability Date : 13-Feb-95 S-95-06.APPENDIX - Kerberos/Telnet Encryption Vuln. Date : 13-Feb-95 S-95-07 - NCSA HTTP Daemon for UNIX Vulnerability Date : 19-Feb-95 S-95-08 - Sendmail Vulnerabilities Date : 23-Feb-95 S-95-09 - SGI permissions tool&colorview vulnerabilitiesDate : 10-Mar-95 S-95-10 - SATAN / SANTA Date : 05-Apr-95 S-95-10.HP - SATAN /SANTA specifics for HP systems Date : 05-Apr-95 S-95-10.SUN - SATAN/SANTA specifics for SUN systems[2] Date : 06-Apr-95 S-95-10.SGI - SATAN/SANTA specifics for SGI systems Date : 07-Apr-95 S-95-10.AIX - SATAN/SANTA specifics for IBM AIX Date : 14-Apr-95 S-95-10.DEC - SATAN/SANTA specifics for Digital productsDate : 14-Apr-95 S-95-11 - UNIX Computer Security Checklist Date : 05-Apr-95 S-95-12 - SATAN / SANTA Version 1.1.1 (new release) Date : 13-Apr-95 S-95-13 - Logdaemon/FreeBSD vulnerability in S/Key Date : 15-Jun-95 S-95-14 - OSF/DCE Security Hole Date : 25-Jul-95 S-95-15 - /tmp sticky bit may allow root access Date : 15-Aug-95 S-95-16 - vulnerability in lsof versions 3.18 - 3.43 Date : 29-Sep-95 S-95-17 - ghostscript vulnerability Date : 29-Sep-95 S-95-18 - SGI Softwindows 1.25 vulnerability Date : 04-Oct-95 S-95-19 - Telnetd Environment Vulnerability Date : 08-Nov-95 S-95-20 - SGI Lp Vulnerability Date : 09-Nov-95 S-95-21 - wu-ftpd Misconfiguration Vulnerability Date : 01-Dec-95 S-95-22 - rpc.ypupdated vulnerability Date : 13-Dec-95 S-95-23 - HP-UX ftp vulnerability Date : 15-Dec-95 S-95-24 - Widespread attacks on the Internet Date : 18-Dec-95 S-95-25 - Version 1.1 Unix Security Checklist AUSCERT Date : 19-Dec-25 S-95-26 - elm 2.4 PL 24 vulnerability Date : 19-Dec-95 S-96-01 - SGI object Server Vulnerability Date : 05-Jan-96 S-96-02 - Vendor-Initiated Bulletin VB-96.01-splitvt Date : 26-Jan-96 S-96-03 - SGI Incorrect Permissions on Packing SubsystemDate : 02-Feb-96 S-96-04 - UDP Port Denial-of-Service Attack Date : 09-Feb-96 S-96-05 - Winword Macro Viruses Date : 09-Feb-96 S-96-06 - BIND (DNS) version 4.9.3 vulnerability Date : 16-Feb-96 S-96-07 - Vulnerability in Kerberos 4 Key Server Date : 21-Feb-96 S-96-08 - Sun: possible vulnerability in demo CD's Date : 01-Mar-96 S-96-09 - Vuln. in NCSA/Apache CGI Sample Code Date : expired S-96-10 - SGI, Security vuln. in rpc.statd program Date : 01-Mar-96 S-96-11 - SGI Sendmail update Date : 01-Mar-96 S-96-12 - Java Implementations Can Allow Connections to an Arbitrary Host Date : 06-Mar-96 S-96-13 - Netscape 2.0 Security Risks (2)Date : 11-Mar-96 S-96-14 - CGI vulnerability Date : 19-Apr-96 S-96-15 - BSD/OS 2.0/2.0.1 kernel vulnerability Date : 20-Mar-96 S-96-16 - netscape / Java development kit Date : 29-Mar-96 S-96-17 - OSF/1 dxconsole vulnerability Date : 04-Apr-96 S-96-18 - Trojan Horse Versions of PKZIP Date : 19-Apr-96 S-96-19 - Vulnerability in IBM AIX "rmail" Date : 19-Apr-96 S-96-20 - Vulnerabilities in PCNFSD Date : 19-Apr-96 S-96-21 - Vulnerability in rpc.statd Date : 24-Apr-96 S-96-22 - CERN Web-server 3.0 Date : 16-May-96 S-96-23 - Vend.Init.Bull: FreeBSD-vfsload Date : 20-May-96 S-96-24 - Vend.Init.Bull: FreeBSD-SA-96:10.mount_union Date : 20-May-96 S-96-25 - NIS+ configuration vulnerability Date : 20-May-96 S-96-26 - SGI: IRIX 5.3, 6.1, 6.2 Desktop Permiss.Panel Date : 22-May-96 S-96-27 - Sun: Solaris 2.x (SunOS 5.x) and Solaris 1.x (SunOS 4.1.x)Security related patches Date : 22-May-96 S-96-28 - Vend.Init.Bull: FreeBSD man page Date : 23-May-96 S-96-29 - Vend.Init.Bull: SCO kernel sec. Date : 12-Jun-96 S-96-30 - FreeBSD Firewall filter leak Date : 24-Jun-96 S-96-31 - Vulnerability in suidperl Date : 27-Jun-96 S-96-32 - Digital Software Security Kits release Date : 02-Jul-96 S-96-33 - Vend.Init.Bull: FreeBSD sec. compr. from ppp Date : 08-Jul-96 S-96-34 - Vulnerability in the dip program Date : 10-Jul-96 S-96-35 - Vend.Init.Bull: FreeBSD sec. vulnr. in rdist Date : 17-Jul-96 S-96-36 - Vend.Init.Bull: FreeBSD "Trojan Horse" vulnerability via rz program Date : 17-Jul-96 S-96-37 - Vend.Init.Bull: HP vulnerability Date : 19-Jul-96 S-96-38 - Vulnerability in rdist Date : 24-Jul-96 S-96-39 - Vulnerability in Solaris 2.5 KCMS programs Date : 01-Aug-96 S-96-40 - Vulnerability in Solaris 2.x admintool Date : 07-Aug-96 S-96-41 - Vulnerability in Solaris 2.x vold Date : 07-Aug-96 S-96-43 - Vulnerability in fm_fls (Framemaker) Date : 15-Aug-96 S-96-44 - Vulnerabilities in expreserve (overview) Date : 16-Aug-96 S-96-45 - Linux vulnerabilities in mount and umount Date : 16-Aug-96 S-96-46 - IRIX Visual Admin/User Programs Date : 19-Aug-96 S-96-47 - Euthanasia/Hare/Krshna Virus Alert Date : 22-Aug-96 S-96-48 - Vulnerability in "bash" Date : 22-Aug-96 S-96-49 - Vulnerability in "Workman" Date : 31-Oct-96 S-96-50 - Vulnerability in Microsoft Explorer Date : 30-Aug-96 S-96-51 - SCO: Patch for system call security issue Date : 17-Sep-96 S-96-52 - HP Vue 3.0 vulnerability Date : 17-Sep-96 S-96-53 - TCP SYN-ACK Attack Proliferates on Internet Date : 19-Sep-96 S-96-53.SUN - TCP "SYN flood" attack specifics for SUN Date : 11-Oct-96 S-96-54 - Sendmail Vulnerabilities Date : 20-Sep-96 S-96-55 - Multi-platform Unix FLEXlm Vulnerabilities Date : 25-Sep-96 S-96-56 - Vulnerabilities in bash (see S-96-48!!!!) Date : obsolete S-96-57 - Solaris 2.x Solstice Admintool Launcher Date : 16-Oct-96 S-96-58 - Sendmail 8.8.0/8.8.1 vulnerability Date : 21-Oct-96 S-96-59 - Vulnerabilities in HP Remote Watch Software Date : 24-Oct-96 S-96-60 - SGI Desktop System Monitor Subsystem Vulnerab.Date : 31-Oct-96 S-96-61.HP - Vulnerability with incoming ICMP Echo Request (ping) packets on HP systems Date : 31-Oct-96 S-96-61.DEC - Vulnerability with incoming ICMP Echo Request (ping) packets on DEC systems Date : 08-Nov-96 S-96-61.IBM - Patches for IBM AIX(r) Address `SYN Flood' and `Ping o' Death' Vulnerabilities Date : 03-Dec-96 S-96-62 - Vulnerabilities in IRIX's systour & OutOfBox Date : 07-Nov-96 S-96-63 - HP-UX SYSDIAG Vulnerability Date : 18-Nov-96 S-96-64 - Sendmail Daemon Mode Vulnerability (2)Date : 22-Nov-96 S-96-65 - libc and libnsl vuln. in SUN Solaris Date : 21-Nov-96 S-96-66 - CDPlayer vuln. in SGI IRIX 5.x & 6.x Date : 26-Nov-96 S-96-67 - LPR buffer overrun vuln. in BSD based sw Date : 26-Nov-96 S-96-68 - HP-UX passwd buffer overrun vulnerability Date : 28-Nov-96 S-96-69 - HP-UX fpkg2swpkg Vulnerability Date : 29-Nov-96 S-96-70 - sendmail Group Permissions Vulnerability Date : 03-Dec-96 S-96-71 - HP-UX newgrp Buffer Overrun Vulnerability Date : 03-Dec-96 S-96-72 - IBM-AIX gethostbyname vulnerability Date : 03-Dec-96 S-96-73 - Vulnerability in IBM AIX "lquerypv" command Date : 03-Dec-96 S-96-74 - Korn Shell (ksh) suid_exec vulnerability Date : 05-Dec-96 S-96-75 - HP 9000 series 700/800; uid & gid > 60000 Date : 09-Dec-96 S-96-76 - IRIX: Desktop searchbook Program Date : 09-Dec-96 S-96-77 - HP-UX chfn Buffer Overrun Vulnerability Date : 09-Dec-96 S-96-78 - Vulnerability in INN Date : 11-Dec-96 S-96-79 - FreeBSD: Buffer overflow in modstat Date : 11-Dec-96 S-97-01 - Vulnerability in IRIX csetup Date : 09-Jan-97 S-97-02 - IRIX: XFS Filesystem Security Date : 13-Jan-97 S-97-03 - talkd Buffer Overrun Vulnerability Date : 17-Jan-97 S-97-04 - Sendmail 8.8.3 and 8.8.4 Vulnerability Date : 22-Jan-97 S-97-05 - talkd Date : 27-Jan-97 S-97-06 - ftpd race condition Date : 29-Jan-97 S-97-07 - setlocale() buffer overflow Date : 06-Feb-97 S-97-08 - rlogin-term Date : 06-Feb-97 S-97-09 - HP-UX vgdisplay Date : 07-Feb-97 S-97-10 - SGI IRIX startmidi/stopmidi vulnerability Date : 12-Feb-97 S-97-11 - Solaris ffbconfig vulnerability Date : 14-Feb-97 S-97-12 - HP-UX ppl vulnerability Date : 14-Feb-97 S-97-12.ADD - HP-UX ppl core dump vulnerability Date : 18-Feb-97 S-97-13 - Vulnerability in httpd nph-test-cgi script Date : 19-Feb-97 S-97-14 - Vulnerability in innd Date : 21-Feb-97 S-97-15 - Solaris 2.x CDE sdtcm_convert vulnerability Date : 24-Feb-97 S-97-16 - Solaris 2.x passwd buffer Overrun Vuln. Date : 27-Feb-97 S-97-17 - Microsoft Internet Explorer Vulnerability Date : 05-Mar-97 S-97-18 - SGI: IRIX 5.x and 6.x fsdump Security Date : 11-Mar-97 S-97-19 - Solaris 2.x eject Buffer Overrun VulnerabilityDate : 17-Mar-97 S-97-20 - Digital UNIX Division of Privilege (DoP) Date : 17-Mar-97 S-97-21 - Solaris 2.x fdformat Buffer Overflow Vuln. Date : 24-Mar-97 S-97-22 - Vulnerabilities in INN related news servers Date : 04-Apr-97 S-97-23 - Vulnerability in IMAP and POP Date : 09-Apr-97 S-97-24 - Vulnerability in FreeBSD sysinstall Date : 09-Apr-97 S-97-25 - SGI IRIX login LOCKOUT parameter Vuln. Date : 11-Apr-97 S-97-26 - SGI: IRIX 5.x and 6.x gmemusage vulnarable Date : 25-Apr-97 S-97-27 - Vulnerability in Natural Language Service Date : 25-Apr-97 S-97-28 - Selena Sol's Guestbook vulnerable Date : 28-Apr-97 S-97-29 - libXt (pre X11 R 6.3) buffer overflow Date : 01-May-97 S-97-30 - SGI: csetup Program Vulnerability Date : 06-May-97 S-97-31 - Vulnerability in webdist.cgi Date : 06-May-97 S-97-32 - Vulnerability in xlock Date : 08-May-97 S-97-33 - IRIX netprint Program Security Issues Date : 09-May-97 S-97-34 - Solaris 2.x lp temp files creation vuln. Date : 14-May-97 S-97-35 - IRIX runpriv Security Issue Date : 21-May-97 S-97-36 - Solaris ps Buffer Overflow Vulnerability Date : 14-May-97 S-97-37 - Windows NT/95 Out of Band Data Exploit Date : 21-May-97 S-97-38 - Solaris chkey Buffer Overflow Vulnerability Date : 22-May-97 S-97-39 - Vulnerability in metamail Date : 22-May-97 S-97-40 - SGI IRIX df Buffer Overrun Vulnerability Date : 30-May-97 S-97-41 - SGI IRIX pset Buffer Overrun Vulnerability Date : 30-May-97 S-97-42 - SGI IRIX eject Buffer Overrun Vulnerability Date : 30-May-97 S-97-43 - SGI IRIX login/scheme Buffer Overrun Vuln. Date : 30-May-97 S-97-44 - SGI IRIX ordist Buffer Overrun Vuln. Date : 30-May-97 S-97-45 - SGI IRIX rld security vulnerability Date : 30-May-97 S-97-46 - SUN: Vulnerability in eeprom Date : 25-Jun-97 S-97-47 - SUN: Vulnerability in chkey Date : 25-Jun-97 S-97-48 - Vulnerability in rpcbind on SUNOS & SOLARIS Date : 20-jun-97 S-97-49 - lpr Buffer Overrun Vulnerability Date : 26-Jun-97 S-97-50 - SUN: Vuln. with Solaris Soltice AdminSuite Date : 26-Jun-97 S-97-51 - Microsoft IIS Boundary Condition Vuln. Date : 01-Jul-97 S-97-52 - Netscape Navigator Security Vulnerability Date : 01-Jul-97 S-97-53 - SGI IRIX 5.0/6.4 xlock buffer overflow Date : 08-Jul-97 S-97-54 - JavaScript Vulnerability Date : 09-Jul-97 S-97-55 - HP-UX 9.X & 10.X chfn vulnerability Date : 10-Jul-97 S-97-56 - Vulnerability in Lynx Temporary Files Date : 17-Jul-97 S-97-57 - SGI Buffer Overflow Vulnerabilities Date : 17-Jul-97 S-97-58 - Vulnerability in Lynx Downloading Date : 17-Jul-97 S-97-59 - INN News Server Vulnerabilities Date : 25-Jul-97 S-97-60 - SUN: Vulnerability in NIS+ Date : 07-Aug-97 S-97-61 - HP-UX X11/Motif Lib and Novell Netware Vuln. Date : 07-Aug-97 S-97-62 - IRIX ordist Buffer Overrun Vulnerability Date : 08-Aug-97 S-97-63 - Vulnerability in BIND Date : 14-Aug-97 S-97-64 - Vulnerability in ps Date : 14-Aug-97 S-97-65 - Vulnerability in ifconfig ioctls Date : 27-Aug-97 S-97-66 - Vulnerabilities in libXt Date : 27-Aug-97 S-97-67 - SGI IRIX webdist.cgi, handler and wrap vuln. Date : 01-Sep-97 S-97-68 - Avoiding the relay of e-mail spam (2)Date : 12-Sep-97 S-97-69 - SGI IRIX LOCKOUT & login/scheme buffer overr. Date : 17-Sep-97 S-97-70 - Buffer Overflow Problem in rdist Date : 18-Sep-97 S-97-71 - SUN vulnerabilities in libX11 Date : 19-Sep-97 S-97-72 - Transarc vulnerability Date : 26-Sep-97 S-97-73 - Vulnerabilities in Cisco CHAP Authentication Date : 26-Sep-97 S-97-74 - NEC/UNIX "nosuid" mount opt. vulnerability Date : 17-Oct-97 S-97-75 - HP-UX mediainit vulnerability Date : 17-Oct-97 S-97-76 - HP-UX Denial of Service via telnet vuln. Date : 17-Oct-97 S-97-77 - Five-pack IBM AIX vulnerabilities Date : 31-Oct-97 S-97-78 - AIX ftp client vulnerability Date : 04-Nov-97 S-97-79 - four SUN Solaris 2.3-5 vulnerabilities Date : 04-Nov-97 S-97-80 - Buffer overrun in Count.cgi Date : 05-Nov-97 S-97-81 - Sanitizing User-Supplied Data in CGI Scripts Date : 13-nov-97 S-97-82 - Vuln. in GlimpseHTTP and WebGlimpse cgi-bin Date : 18-Nov-97 S-97-83 - another 5 IRIX vulnerabilities Date : 20-Nov-97 S-97-84 - Vulnerability in SCO scoterm Date : 25-Nov-97 S-97-85 - SUN:V8 Sendmail SunOS 4.1.4 and 4.1.3_U1 Date : 04-Dec-97 S-97-86 - SUN: Buffer overflow vulnerability in at Date : 04-Dec-97 S-97-87 - Buffer Overrun Vulnerability in statd(1M) Date : 12-Dec-97 S-97-88 - FreeBSD Inc. vendor initiated bulletin Date : 12-Dec-97 S-97-89 - Vulnerability in some FTP daemons Date : 12-Dec-97 S-97-90 - IP Denial-of-Service Attacks Date : 17-Dec-97 S-97-91 - Vulnerability in CrackLib v2.5 Date : 19-Dec-97 S-97-92 - Denial-of-service vuln. in Solaris on Pentium Date : 19-Dec-97 S-97-93 - SGI vers. of Buffer Overrun Vuln. in statd(1M)Date : 19-Dec-97 S-98-01 - "smurf" IP Denial-of-Service Attacks Date : 09-Jan-98 S-98-02 - Vulnerability EWS1.1 in Unix and Windows NT Date : 19-jan-98 S-98-03 - Apache Security Advisory Date : 20-jan-98 S-98-04 - Vulnerabilities in CDE Date : 22-Jan-98 S-98-05 - Vulnerability in ssh-agent Date : 23-Jan-98 S-98-06 - Vulnerability in ssh-agent for Unix Date : 02-Feb-98 S-98-07 - WinNT based Web Servers File Access Vuln. Date : 02-Feb-98 S-98-08 - Denial of service attacks & MS TCP/IP stack Date : 05-Mar-98 S-98-09 - Vulnerability in SunOS vacation program Date : 06-Mar-98 S-98-10 - SunOS vulnerability in dtaction Date : 06-Mar-98 S-98-11 - SunOS vulnerability in ndd Date : 12-Mar-98 S-98-12 - SunOS vulnerability in rpc.cmsd Date : 12-Mar-98 S-98-13 - Land attack on FreeBSD systems Date : 13-Mar-98 S-98-14 - FreeBSD security compromise via mmap Date : 13-Mar-98 S-98-15 - SGI vulnerability startmidi/stopmidi, datman/cdman, cdplayer Date : 13-Mar-98 S-98-16 - SGI Vulnerability in suidperl/sperl program Date : 14-Apr-98 S-98-17 - Security Vulnerability with inetd on HP-UX Date : 14-Apr-98 S-98-18 - SGI Overflow vulnerability in suid_exec Date : 14-Apr-98 S-98-19 - SUN Vulnerability in rpcbind Date : 14-Apr-98 S-98-20 - SGI Vulnerability in IRIX LicenseManager(1M) Date : 14-Apr-98 S-98-21 - OpenGroup: xterm and Xaw library vulnerabilityDate : 28-Apr-98 S-98-22 - SUN: mountd Date : 06-May-98 S-98-23 - SUN: ufsrestore Date : 06-May-98 S-98-24 - Digital Unix ftpd vulnerability Date : 08-May-98 S-98-25 - Digital Unix advfs vulnerability Date : 08-May-98 S-98-26 - Digital Unix rpc.statd vulnerability Date : 08-May-98 S-98-27 - Digital Unix ftpd (ftp bounce) vulnarability Date : 08-May-98 S-98-28 - TTCP vulnerability (2)Date : 22-May-98 S-98-29 - ISC: DHCP Distribution Vulnerability Date : 22-May-98 S-98-30 - SGI IRIX 6.3 NetWare Client 1.0 Date : 28-May-98 S-98-31 - SGI IRIX 6.4 diskperf/diskalign Vulnerable Date : 28-May-98 S-98-32 - Name server vulnerability Date : 29-May-98 S-98-33 - CISCO PIX firewall Cryptography Issues Date : 04-Jun-98 S-98-34 - FreeBSD security compromise via mmap Date : 05-Jun-98 S-98-35 - FreeBSD system crash with NFS Date : 05-Jun-98 S-98-36 - Buffer Overflow in NIS+ Date : 10-Jun-98 S-98-37 - FreeBSD smurf attacks Date : 10-Jun-98 S-98-38 - SGI IRIX mediad vulnerability Date : 18-Jun-98 S-98-39 - Microsoft IIS WWW server vulnerability Date : 09-Jul-98 S-98-40 - qpopper POP-server buffer overflow Date : 15-Jul-98 S-98-41 - Compaq OpenVMS (VAX or ALPHA) V7.1 loginout Date : 16-Jul-98 S-98-42 - SUN libnsl vulnerability Date : 16-Jul-98 S-98-43 - SUN SUNWadmap vulnerability Date : 16-Jul-98 S-98-44 - IMAP server buffer overflow Date : 21-Jul-98 S-98-45 - SGI IRIX 6.4 ioconfig and disk_bandwidth Date : 21-Jul-98 S-98-46 - SGI IRIX 6.3 & 6.4 mailcap vulnerability Date : 21-Jul-98 S-98-47 - Vulnerability with ftp on HP-UX Date : 24-Jul-98 S-98 48 - IRIX ioconfig & disk_bandwidth vulnerability Date : 25-Jul-97 S-98-49 - Microsoft Outlook Express/98 Overrun Vuln. Date : 28-Jul-98 S-98-50 - multiscan ('mscan') Tool Date : 29-Jul-98 S-98-51 - Squid cache corruption Date : 06-Aug-98 S-98-52 - IBM AIX "sdrd" daemon Vulnerability Date : 09-Aug-98 S-98-53 - Buffer Overfl.in MIME-aware Mail & News Clnts Date : 11-Aug-98 S-98-54 - Cisco IOS Remote Router Crash Date : 13-Aug-98 S-98-55 - CISCO CRM Tempory File Vulnerability Date : 17-Aug-98 S-98-56 - Vulnerability in ToolTalk RPC Service Date : 04-Sep-98 S-98-57 - SunOS vulnerability in Ping utility Date : 11-Sep-98 S-98-58 - SunOS vulnerability in mailtool utility Date : 11-Sep-98 S-98-59 - SGI: IRIX On-Line Cust. Registration Vuln. Date : 30-Sep-98 S-98-60 - SGI:IRIX mail(1)/rmail(1M)/sendmail(1M) Security Vulnerabilities. Date : 30-Sep-98 S-98-61 - SGI:IRIX Mail(1)/mailx(1) Security Issues Date : 30-Sep-98 S-98-62 - SUN: ftp on SunOS Vulnerability Date : 01-Oct-98 S-98-63 - SGI:IRIX at(1) Security Vulnerability Date : 07-Oct-98 S-98-64 - Exploit in HP OpenView OmniBack II client hostDate : 14-oct-98 S-98-65 - Buffer Overflow Vulnerability in mountd Date : 14-oct-98 S-98-66 - Vulnerabilities in SCO "mscreen" Util. Date : 14-oct-98 S-98-67 - TCP RST denial of service vulnerability Date : 14-oct-98 S-98-68 - Cisco IOS Command Hist. Rel. at Login Prompt Date : 15-oct-98 S-98-69 - SGI: xterm(1) exploitable buffer overflow Date : 16-Oct-98 S-98-70 - SGI: Xaw exploitable buffer overflow Date : 16-Oct-98 S-98-71 - IBM:The automountd daemon allows local and remote users to become root. Date : 27-Oct-98 S-98-72 - FreeBSD IP fragmentation denial of service Date : 06-Nov-98 S-98-73 - CISCO IOS DFS Access List Leakage Date : 06-Nov-98 S-98-74 - Sun: Hidden community string in SNMP Date : 09-nov-98 S-98-75 - HPOpenview: SNMP community string Date : 03-dec-98 S-98-76 - SunOS vulnerability in dtmail Date : 18-Dec-98 S-98-77 - SunOS vulnerability in bind Date : 18-Dec-98 S-98-78 - SGI IRIX fcagent vulnerability Date : 18-Dec-98 S-98-79 - SunOS vulnerability in passwd Date : 18-Dec-98 S-98-80 - tcp-denial-of-service Date : 22-Dec-98 S-98-81 - Cisco IOS 12.0 UDP syslog port Date : 22-Dec-98 S-99-01 - Trojan horse version of TCP Wrappers Date : 22-Jan-99 S-99-02 - Buffer overflows in various FTP servers Date : 12-Feb-99 S-99-03 - HP security vulnerability with rpc.pcnfsd Date : 12-Feb-99 S-99-04 - Solaris vulnerability in sdtcm_convert Date : 12-Feb-99 S-99-05 - Solaris vulnerability in CDE Date : 12-Feb-99 S-99-06 - SunOS/Solaris vulnerability in man/catman Date : 12-Feb-99 S-99-07 - Debian Linux "Super" package Buffer Overflow Date : 23-Feb-99 S-99-08 - Microsoft BackOffice Vulnerability Date : 23-Feb-99 S-99-09 - CERT Summary Date : 26-Feb-99 S-99-10 - Update to Windows NT "KnownDLLs List" Vuln. Date : 06-Mar-99 S-99-11 - Cisco Catalyst Supervisor Remote Reload Date : 25-Mar-99 S-99-12 - Melissa-Macro-Virus Date : 27-Mar-99 S-99-13 - Cisco input access list leakage with NAT Date : 16-Apr-99 S-99-14 - Melissa Virus distributed in .RTF files Date : 31-May-99 S-99-15 - CA-99-06 ExploreZip Trojan Horse Program Date : 11-Jun-99 S-99-16 - CA-99-05 Vulnerability in statd & automountd Date : 11-Jun-99 S-99-17 - Vers.8.8.8 Sendmail for SunOS(tm) 5.6 & 5.5.1 Date : 11-Jun-99 S-99-18 - Microsoft IIS Buffer Overflow Date : 18-Jun-99 S-99-19 - cmsd (Calendar manager service daemon) Date : 16-Jul-99 S-99-20 - Array Services default configuration Date : 19-Jul-99 S-99-21 - Unauthorized Access to IIS Servers through ODBC Data Access with RDS Date : 19-Jul-99 S-99-21a- Correction to S-99-21 Date : 20-Jul-99 S-99-21b- 2nd Correction to S-99-21 Date : 25-Jul-99 S-99-22 - SGI arrayd default security configuration Date : 25-Jul-99 S-99-23 - HP-UX 10.x Current Directory Vulnerability Date : 25-Jul-99 S-99-24 - Similar Attacks Using Various RPC Services Date : 25-Jul-99 S-99-25 - IBM AIX vuln. in ptrace() system call Date : 16-Aug-99 S-99-26 - Windows NT(r) Terminal Servers DOS Vuln. Date : 16-Aug-99 S-99-27 - Microsoft vuln. in Exchange(r) Server Date : 16-Aug-99 S-99-28 - IBM C Set ++ for AIX Source Code Browser Date : 20-Aug-99 S-99-29 - SUN: rpc.cmsd bufferoverflow Date : 26-Aug-99 S-99-30 - Microsoft ODBC problem in Jet Date : 31-Aug-99 S-99-31 - Domain Name System (DNS) Denial of Service Date : 31-Aug-99 S-99-32 - Lotus Domino Server 4.6 Date : 01-Sep-99 S-99-33 - CERT Summary Date : 03-Sep-99 S-99-34 - Four Vulnerabilities in the CDE Date : 14-Sep-99 ===========================================================================