DOE-CIRC
P Series Bulletins (FY 2005):
P-001: Red Hat Updated XFree86 Packages fix Security Issues
P-002: Apple Security Update
P-003: Updated Cyrus-SASL Packages Fix Security Flaw
P-004: Security Vulnerabilities in CUPS May Allow Remote Unprivileged User to Execute Arbitrary Code
P-005: Windows SMTP Vulnerability could Allow Remote Code Execution
P-006: Microsoft Cumulative Security Update for Internet Explorer (834707)
P-007: Microsoft Windows Shell and Program Group Converter Vulnerabilities
P-008: Microsoft Security Update for Microsoft Windows (840987)
P-009: Microsoft Excel Vulnerability Could Allow Remote Code Execution
P-010: Microsoft Compressed (Zipped) Folders Vulnerability
P-011: Microsoft Vulnerability in NetDDE Could Allow Remote Code Execution (841533)
P-012: Microsoft Vulnerability in NNTP Could Allow Remote Code Execution (883935)
P-013: Macromedia JRun Server Vulnerabilities
P-014: CUPS Information Leak
P-015: Libtiff Vulnerabilities
P-016: Sun FTP Daemon of Heimdal is Vulnerable to Race Conditions
P-017: Sun Security Vulnerability When Using LDAP in Conjunction with RBAC
P-018: Red Hat Update MySQL Packages Fix Security Issues and Bugs
P-019: Updated CUPS/PDF (and teTeX-bin) Packages Fix Security Issues
P-020: VERITAS NetBackup (tm) Java GUI Vulnerability
P-021: HP Serviceguard Vulnerability
P-022: QuickTime for Windows Vulnerability
P-023: RealPlayer Vulnerability
P-024: Apple Remote Desktop Vulnerability
P-025: Apache HTTP Server 1.3.33 Released
P-026: "iptables" Packages Updated
P-027: Sun Java System Web Proxy Server Buffer Overflow Vulnerability
P-028: Cisco Vulnerability in Cisco Secure Access Control Server (ACS) EAP-TLS Authentication
P-029: libxml and libxml2 Buffer Overflow
P-030: Local Volume Manager (LVM) Vulnerability
P-031: HP OpenView Operations (OVO) Remote Privilege Elevation Vulnerability
P-032: GZIP Insecure Temporary Files
P-033: "libgd" Integer Overflows
P-034: Cisco IOS DHCP Blocked Interface Denial-of-Service
P-035: iPlanet/Sun ONE Messaging Server Webmail Vulnerability
P-036: Crafted Timed Attack Evades Cisco Security Agent Protections
P-037: Sudo Environment Cleaning Vulnerability
P-038: Samba Vulnerabilities
P-039: TWiki "Search.pm" Shell Command Injection Vulnerability
P-040: Security Vulnerability with Java Plug-in in JRE/SDK
P-041: F-Secure Zip Archive Bypasses Scanning
P-042: Sudo Missing Input Sanitising
P-043: "cyrus-imapd" Buffer Overflow
P-044: Samba - Arbitrary File Access Vulnerability
P-045: Sun Security Vulnerability in Ping(1M)
P-046: Microsoft Cumulative Security Update for Internet Explorer (889293)
P-047: Red Hat Updated Kernel Packages
P-048: HP Ignite-UX Vulnerability
P-049: Apple Security Update 2004-12-02
P-050: "in.rwhod" Daemon Vulnerability
P-051: SMB Password Disclosure
P-052: Updated imlib Packages Fix Security Vulnerabilities
P-053: Microsoft DHCP Vulnerabilities
P-054: Microsoft WINS Vulnerability
P-055: Microsoft WordPad Vulnerability
P-056: Microsoft HyperTerminal Vulnerability
P-057: Microsoft Windows Kernel and LSASS Vulnerabilities
P-058: Sun Java System Web and Application Server Security Vulnerability
P-059: Sendmail(1) Security Vulnerability
P-060: Cisco Unity with Exchange Default Passwords Vulnerability
P-061: Ethereal Multiple Vulnerabilities
P-062: Updated ncompress Package Fixes Security Issue and Bug
P-063: Adobe Reader Security Vulnerabilities
P-064: Adobe Reader 5.0.9 for UNIX "mailListIsPdf" function Vulnerability
P-065: Cisco Default Administrative Password in Cisco Guard and Traffic Anomaly Detector
P-066: Veritas Backup Exec Buffer Overflow Vulnerability
P-067: PHP Multiple Vulnerabilities
P-068: Sun ONE/iPlanet Messaging Server Webmail Vulnerability
P-069: Sun - Multiple Mozilla Vulnerabilities
P-070: Updated Samba Packages
P-071: Updated "gd" Packages
P-072: Updated ZIP Packages
P-073: Updated "libxml" Packages for Versions Prior to 2.6.14
P-074: “newgrp(1)” Local Privilege Escalation
P-075: "libkadm5srv" Heap Buffer Overflow
P-076: "nfs-utils" Package Vulnerabilities
P-077: AIX "paginit" Command Vulnerability
P-078: AIX Diag Script Vulnerability
P-079: AIX "chcod" Command Vulnerability
P-080: AIX "lsvpd" Untrusted Path Vulnerability
P-081: Linux Kernel Vulnerabilities
P-082: 'tiff' Insufficient Input Validation
P-083: Netscape Directory Server on HP-UX LDAP Vulnerability
P-084: TikiWiki Vulnerability
P-085: HP-UX SAM Local Privilege Increase
P-086: Perl Insecure Temporary Files/Directories
P-087: Buffer Overflow in xpdf
P-088: Buffer Overflow in PDF Processing part of CUPS
P-089: Buffer Overflow in 'nasm'
P-090: VIM Modeline Vulnerability
P-091: 'tiff' Unsanitized Input Vulnerability
P-092: kdelibs -- Unsanitised Input
P-093: HTML Help ActiveX Control Cross Domain Vulnerability
P-094: Microsoft Vulnerability in Cursor and Icon Format Handling
P-095: Microsoft Vulnerability in the Indexing Service
P-096: Sun SMC Default Configuration GUI Creates User Accounts with Blank Password Instead of Locked Accounts
P-097: Exim Buffer Overflow
P-098: Updated Mozilla Packages Fix a Buffer Overflow
P-099: Apple iTunes Buffer Overflow
P-100: Oracle Critical Patch Update
P-101: Updated Linux Kernel Packages
P-102: Veritas NetBackup Administrative Java GUI (bpjava-susvc) Vulnerability
P-103:
P-104: Buffer Overflow in xpdf
P-105: Sun Java Plug-In Vulnerability
P-106: Ethereal 0.10.9 Released
P-107: Security Vulnerability in Solaris 8 DHCP Administration Utilities
P-108: libdbi-perl
P-109: Cisco IOS Misformed BGP Packet Causes Reload
P-110: Crafted Packet Causes Reload on Cisco Routers
P-111: Cisco Multiple Crafted IPv6 Packets Cause Reload
P-112: Updated less Package Fixes Security Issue
P-113: BIND Vulnerabilities
P-114: BIND: Self Check Failing
P-115: libpam-radius-auth
P-116: Apple Security Update 2005-001 for Mac OS X
P-117: UW-imapd Fails to Properly Authenticate Users When Using CRAM-MD5
P-118: IBM AIX 5.3 NIS Client Vulnerability
P-120: Eudora Email Vulnerability
P-121: Python XML-RPC Server Vulnerability
P-122: Updated Perl Packages Fix Security Issues
P-123: Emacs20
P-124: Microsoft Vulnerability in Hyperlink Object Library
P-125: Microsoft Cumulative Security Update for Internet Explorer
P-126: Microsoft Vulnerability in DHTML Editing Component Active X Control
P-127: Microsoft ASP.NET Path Validation Vulnerability
P-128: Microsoft Vulnerability in OLE and COM
P-129: Microsoft Vulnerability in Server Message Block
P-130: Microsoft Vulnerability in Microsoft Office XP
P-131: Vulnerability in Windows Shell
P-132: Microsoft Vulnerability in the License Logging Service
P-133: Symantec UPX Parsing Engine Vulnerability
P-134: Microsoft Vulnerability in Windows SharePoint Services and SharePoint Team Services
P-135: HP-UX ftpd Remote Privileged Access
P-136: Microsoft PNG Processing Vulnerability
P-137: Mailman Vulnerabilities
P-138: Updated Squid Package Fixes Security Issues
P-139: PostgreSQL Vulnerabilities
P-140: AWStats Vulnerabilities
P-141: HP Web-enabled Management Software Vulnerability
P-142: XPDF/GPDF - CUPS Vulnerabilities
P-143: Security Vulnerability in the kcms_configure(1) Command
P-144: Cisco ACNS Denial of Service and Default Admin Password Vulnerabilities
P-145: HP-UX rpc.ypupdated Remote Unauthorized Access
P-146: bsmtpd
P-147: HP-UX ftpd Remote Unauthorized Access
P-148: Symantec SMTP Binding Configuration Vulnerability
P-149: Firefox Security Update
P-150: Computer Associates License Manager Remote Vulnerabilities
P-151: kdenetwork Package Vulnerability
P-152: RealNetworks Security Vulnerabilities
P-153: Security Vulnerabilities in Solaris AnswerBook2 Documentation
P-154: Ethereal versions 0.9.1 to 0.10.9 Vulnerabilities
P-155: Sylpheed Security Update
P-156: Apple Security Update 2005-003
P-157: Perl
P-158: McAfee Scan Engine LHA File Flaws
P-159: kdelibs Security Update
P-160: GIF Heap Overflow Parsing Netscape Extension 2
P-161: Security Vulnerability with Java Web Start
P-162: Cross Site Scripting Vulnerability in Sun Java System Application Server
P-163: Kerberos 5 Telnet Client Buffer Overflow
P-164: MySQL Security Update
P-165: libXpm Integer Overflow Flaw
P-166: Sybase Security Issues in ASE 12.5.3 and Earlier
P-167: cURL Security Update
P-168: Mozilla Security Update
P-169: Cisco Security Advisory: Vulnerabilities in the Internet Key Exchange Xauth Implementation
P-170: Cisco Security Advisory: Vulnerabilities in Cisco IOS Secure Shell Server
P-171: SGI Advanced Linux Environment 3 Security Update #33
P-172: SGI IRIX gr_osview File Overwrite Vulnerabilities
P-173: Cumulative Security Update for Internet Explorer (890923)
P-174: Vulnerability in Exchange Server (894549)
P-175: Vulnerability in MSN Messenger (896597)
P-176: Vulnerabilities in Microsoft Word (890169)
P-177: Vulnerabilities in TCP-IP (893066)
P-178: Vulnerability in Message Queuing (892944)
P-179: Vulnerability in Windows Shell (893086)
P-180: Vulnerabilities in Windows Kernel (890859)
P-181: Cisco Products Vulnerable to DoS via Crafted ICMP Messages
P-182: Oracle Critical Patch Update - April 2005
P-183: The Sun ONE and JES Directory Server Contain a Buffer Overflow involving LDAP
P-184: libexif
P-185: Apple Mac OS X v10.3.9 Security Update
P-186: Possible Network Port Theft in Solaris
P-187: Sun Java System Web Proxy Server Vulnerability
P-188: Security Vulnerabilities Addressed in Red Hat Kernel Update
P-189: RealNetworks Releases Security Updates
P-190: Firefox Security Bugs
P-191: KDE Image File Format Reader Vulnerabilities
P-192: OpenOffice.org Buffer Overflow Vulnerability
P-193: Mozilla Security Bugs
P-194: Buffer Overflow in “sharutils”
P-195: CVS Vulnerabilities
P-196: HP OpenView Radia Management Portal and Agent Vulnerability
P-197: PHP Security Bugs
P-198: HP OpenView Network Node Manager (OV NNM) Remote Unauthorized Privileged Code Execution, Denial of Service (DoS)
P-199: HP OpenView Event Correlation Services (OV ECS) Remote Unauthorized Privileged Code Execution, Denial of Service (DoS)
P-200: Apple Security Update 2005-005
P-201: iTunes MPEG4 Parsing Buffer Overflow
P-202: Web View in Windows Explorer Vulnerability
P-203: Cisco FWSM TCP ACL Bypass Vulnerability
P-204: ncpfs Security Update
P-205: Mac OS X 10.4.1 Update
P-206: Mozilla & Firefox Security Update
P-207: Ethereal Security Update
P-208: Kernel Security Update
P-209: HP-UX Trusted System Remote Unauthorized Access
P-210: bzip2
P-211: PostgreSQL Security Vulnerabilities
P-212: HP OpenView Radia Notify Daemon Security Vulnerabilities
P-213: GNU “mailutils” Contains Several Vulnerabilities
P-214: rpc.mountd security issues in IRIX 6.5.25-6.5.27
P-215: Apple Security Update 2005-006
P-216: Potential Security Risk with Macromedia eLicensing Client Activation Code
P-217: gzip Security Update
P-218: gEdit Security Update
P-219: tcpdump Security Update
P-220: Squid Security Update
P-221: Vulnerability in Server Message Block Could Allow Remote Code Execution (896422)
P-222: Internet Explorer Cumulative Security Update
P-223: Vulnerability in HTML Help Could Allow Remote Code Execution (896358)
P-224: Windows Web Client Service Vulnerability
P-225: Outlook Web Access for Exchange Server 5.5 Vulnerability
P-226: Outlook Express Cumulative Update
P-227: Step-by-Step Interactive Training Vulnerability
P-228: ISA Server 2000 Cumulative Update
P-229: Vulnerability in Microsoft Agent Could Allow Spoofing (890046)
P-230: Vulnerability in Telnet Client Could Allow Information Disclosure (896428)
P-231: Security Vulnerability in the lpadmin(1M) Utility
P-232: VERITAS Security Updates
P-233: RealNetworks Security Update
P-234: RealPlayer SMIL File Vulnerability
P-235: FTPSERV.NLM Abend and Security fixes
P-236: Adobe Reader and Acrobat Malicious PDF Document
P-237: Cisco RADIUS Authentication Bypass
P-238: Sudo Security Update
P-239: JRE Plug-in affects the Sun Java Desktop System for Linux
P-240: ht
P-241: PHP Security Update
P-242: Adobe Reader Vulnerability
P-243: 'ruby 1.8' Vulnerability
P-244: 'arshell' Vulnerability in 'arrayd'
P-245: Cisco CallManager Vulnerabilities
P-246: Microsoft Word Font Parsing Vulnerability
P-247: Microsoft Vulnerability in JView Profiler
P-248: Microsoft Color Management Module Vulnerability
P-249: krb5 Security Update
P-250: Oracle Critical Patch Update - July 2005
P-251: Mozilla Security Updates
P-252: Firefox Security Updates
P-253: Solaris Runtime Linker Vulnerability
P-254: 'tiff' Buffer Overflow Vulnerability
P-255: Heimdal
P-256: Targeted Attacks
P-257: SSH Tectia Server Private Key Permission Vulnerability in Windows
P-258: Security Vulnerability Involving the Common Desktop Environment (CDE) dtlogin(1X) Command
P-259: 'httpd' Security Update
P-260: Ethereal 0.10.12 Released
P-261: phpbb2 Cross Site Scripting Vulnerability
P-262: Cisco IPv6 Crafted Packet Vulnerability
P-263: BrightStor ARCserve for MS SQL Server Buffer Overflow
P-264: Possible Security Issue with XView Text Clipboard
P-265: Microsoft Cumulative Update for Internet Explorer
P-266: Microsoft Plug and Play Vulnerability
P-267: Vulnerability in Printer Spooler Service
P-268: Vulnerability in Telephony Service
P-269: Vulnerabilities in Kerberos
P-270: GAIM Security Update
P-271: Ethereal Security Update
P-272: Security Vulnerabilities in HP UNIX IPSEC Tunnel ESP Mode
P-273: Updated Solaris 8 Patches for Apache Security Vulnerabilities
P-274: Spoofing vulnerability in arrayd authentication
P-275: Adobe Acrobat and Reader Plug-in Buffer Overflow
P-276: Apple Security Update 2005-007
P-277: HP-UX Ignite-UX Remote Unauthorized Access
P-278: clamav -- integer overflows
P-279: Cisco Clean Access Vulnerability
P-280: Security Vulnerability in The "printd" Daemon
P-281: Security Vulnerabilities in the Sun StorEdge Enterprise Backup Software
P-282: PHP PEAR XML-RPC Server Package Vulnerability
P-283: Cisco Intrusion Prevention System Vulnerable to Privilege Escalation
P-284: SSL Certificate Validation Vulnerability in IDS Management Software
P-285: netpbm security update
P-286: vim security update
P-287: elm security update
P-288: Security Vulnerability in Solaris 10 "DHCP" Clients
P-289: mysql -- insecure temporary file
P-290: pam_ldap authentication bypass vulnerability
P-291: Symantec AntiVirus Help File Elevation of Privilege
P-292: HP-UX Running Veritas Unauthorized Data Access
P-293: HP Openview Network Node Manager (OV NNM) Remote Unauthorized Access
P-294: phpldapadmin
P-295: Courier
P-296: PCRE3
P-297: HP OpenView Event Correlation Services Vulnerability
P-298: Sun iPlanet Messaging Server Vulnerability
P-299: 'cvsbug' Security Update
P-300: Cisco IOS Firewall Authentication Proxy for FTP and Telnet Sessions Vulnerability
P-301: httpd Security Update
P-302: Cisco CSS SSL Authentication Bypass Security Notice
P-303: Firefox and Mozilla Buffer Overflow Vulnerability
P-304: XFree86 Security Update
P-305: Sun JAR File Contents Disclosure
P-306: Apple Java Security Updates
P-307: TWiki History Function Vulnerability
P-308: 'kcheckpass' Vulnerability
P-309: VERITAS Storage Exec DCOM Server Buffer Overflows
P-310: Firefox 1.0.7 Security Update
P-311: Mozilla Security Update
P-312: Apple Security Update 2005-008
P-313: Courier
P-314: HelixPlayer Security Update
P-315: Security Vulnerability in the Xsun(1) and Xprt(1) Commands
P-316: TWiki INCLUDE Function Allows Arbitrary Shell Command Execution
P-317: Binutils Security Update
P-318: Updated Kernel Packages Red Hat Enterprise Linux 3 Update 6
P-319: IBM Security Vulnerabilities in Getconfig Command
P-320: MySQL & MySQL-dfsg
U.S. Department of Energy | 1000 Independence Ave., SW | Washington, DC 20585
1-800-dial-DOE | f/202-586-4403