Entire Site
DOE-CIRC
DOE-CIRC Home
DOE-CIRC Home
About CIRC
About CIRC
Incident Reporting
Incident Reporting
Scope
Reportable Incidents
Reporting Procedures
Report Content
Forms
Negative Reporting
Bulletins
Bulletins
Latest
Latest
High Risk
High Risk
Revised
Revised
Bulletin Archive
Bulletin Archive
Technical Bulletins
Technical Bulletins
Search
Search
C-Notes
C-Notes
Recent C-Notes
Recent C-Notes
C-Notes Archive
C-Notes Archive
Documents
and Publications
Documents and Publications
CIRC Documents
Other Publications
Conference Proceedings
Public Law
Tools
Tools
NID and SafePatch
DISA INFOSEC Tools
Multi-Platform Trusted Copy
IEBT v.1.01
Public Tools
-Windows
-Windows
-MAC
-MAC
-UNIX
-UNIX
Security Links
Security Links
Advanced Search
Advanced Search
Contact CIRC
Contact CIRC
Maintenance Schedule
The DOE-CIRC server will be unavailable during the following scheduled events:
Routine maintenance:
Every Thursday from 5:00 - 9:00pm (PST)
You are here:
DOE Home
>
CIO Home
>
CIRC Home
>
Bulletins
>
Archive
>
S Series
S Series Bulletins (FY 2008):
S-001: OpenSSL Vulnerability
S-002: ELinks Security Update
S-003: Security Vulnerability in Java Runtime Environment with Applet Caching
S-004: Vulnerability in Kodak Image Viewer
S-005: Security Update for Outlook Express and Windows Mail
S-006: Cumulative Security Update for Internet Explorer
S-007: Vulnerability in Windows SharePoint Services 3.0 and Office SharePoint Server 2007
S-008: Vulnerability in Microsoft Word
S-009: Vulnerability in RPC
S-010: X Font Server Vulnerabilities
S-011: VMware Security Updates
S-012: hplip Security Update
S-013: Cisco IOS Line Printer Daemon (LPD) Vulnerability
S-014: librpcsecgss Vulnerability
S-015: Oracle Critical Patch Update - October 2007
S-016: Multiple Vulnerabilities in Cisco PIX and ASA Appliances
S-017: Cisco Unified Communications Manager Denial of Service Vulnerabilities
S-018: Multiple Vulnerabilities in Firewall Services Module
S-019: DHCP Vulnerability
S-020: Cisco Unified Communications Web-based Management Vulnerability
S-021: HP-UX Running OpenSSL Vulnerability
S-022: Mozilla Products Vulnerabilities
S-023: RealPlayer Playlist Vulnerability
S-024: libpng Security Update
S-025: reprepro Vulnerability
S-026: xfce4-terminal Vulnerability
S-027: t1lib Vulnerability
S-028: Vulnerability in Java Runtime Environment Virtual Machine
S-029: IBM Lotus Notes Vulnerabilities
S-030: Adobe Security Update
S-031: RSA Keon Vulnerability
S-032: CUPS Security Update and Bug Fix Update
S-033: AIX lqueryvg Buffer Overflow Vulnerability
S-034: SonicWall NetExtender NELaunchCtrl ActiveX Vulnerability
S-035: Perdition Format String Error
S-036: Mono Vulnerability
S-037: Perl-Compatible Regular Expression (PCRE) Vulnerabilities
S-038: Perl Security Update
S-039: httpd Security Update
S-040: Vulnerability in Macrovision SECDRV.SYS Driver on Windows
S-041: Wireshark Security Update
S-042: CoolKey Security and Bug Fix Update
S-043: OpenSSH Security and Bug Fix Update
S-044: Apple QuickTime 7.3 Security Update
S-045: OpenLDAP Security and Enhancement Update
S-046: TeTeX Security Update
S-047: Guidance EnCase Vulnerability
S-048: phpMyAdmin Vulnerability
S-049: Mozilla Firefox Vulnerability
S-050: Horde3 Vulnerabilities
S-051: Perl-Compatible Regular Expression (PCRE) Security Update
S-052: Ruby Security Update
S-053: Vulnerability in Windows URI Handling
S-054: Vulnerability in DNS
S-055: HP OpenView Operations (OVO) Running on HP-UX and Solaris Vulnerability
S-056: Apple Security Update 2007-008
S-057: Samba Security Update
S-058: HP-UX Running Java JRE and JDK
S-059: util-linux Security Update
S-060: Apple QuickTime RTSP Content-Type Vulnerability
S-061: IBM Director Vulnerability
S-062: HP-UX Running HP Secure Shell Vulnerability
S-063: Cairo Security Update
S-064: PCRE Security Update
S-065: HP OpenView Network Node Manager (OV NNM) Vulnerability
S-066: Mozilla Security Update
S-067: Tk Vulnerability
S-068: htdig Security Update
S-069: Cisco Security Agent for Windows System Driver Vulnerability
S-070: Multiple Security Vulnerabilities in the JavaScript Engine
S-071: Zabbix Vulnerability
S-072: OpenOffice.org2 Security Update
S-073: Vulnerability in SMBv2
S-074: Vulnerabilities in DirectX
S-075: Vulnerability in Macrovision Driver
S-076: Cumulative Security Update for Internet Explorer
S-077: Vulnerability in Message Queuing
S-078: Vulnerability in Windows Media File Format
S-079: Vulnerability in Windows Kernel
S-080: Samba Security and Bug Fix Update
S-081: autofs Security Update
S-082: Linux-2.6 Vulnerabilities
S-083: Sitebar Vulnerabilities
S-084: Ruby-Gnome2 Vulnerability
S-085: e2fsprogs
S-086: qt-x11-free Vulnerabilities
S-087: centericq Vulnerability
S-088: HP Quick Launch Button (QLB) Running on Windows Vulnerability
S-089: Prolog Manager Vulnerability
S-090: Apple Security Update 2007-009
S-091: MySQL Security Update
S-092: Adobe Flash Player Vulnerability
S-093: ClamAV Vulnerabilities
S-094: IBM Lotus Domino Web Access Vulnerability
S-095: Linux-2.6 Vulnerabilities
S-096: Application Inspection Vulnerability in Cisco Firewall Services Module
S-097: libexif Security Update
S-098: HP-UX Running rpc.yppasswdd Vulnerability
S-099: PeerCast Vulnerability
S-100: GNU Tar Vulnerabilities
S-101: Flash Authoring Tool Vulnerability
S-102: TYPO3 Vulnerabilities
S-103: Wireshark Vulnerabilities
S-104: libsndfile Vulnerability
S-105: Vulnerabilities in Windows TCP/IP
S-106: Vulnerability in LSASS
S-107: HP Software Update Running on Windows
S-108: PostgreSQL Security Update
S-109: Apple QuickTime RTSP Response Vulnerability
S-110: OpenAFS Vulnerability
S-111: HP OpenView Operations (OVO) Agents Running Shared Trace Service Vulnerability
S-112: SSH Tectia Client and Server Vulnerability
S-113: Tog-Pegasus Security Update
S-114: Dovecot Vulnerability
S-115: AOL Radio AOLMediaPlaybackControl.exe Vulnerability
S-116: HP-UX Running X Font Server (xfs) Software
S-117: Oracle Critical Patch Update - January 2008
S-118: Apache httpd Vulnerabilities
S-119: apt-listchanges Vulnerability
S-120: Universal Plug and Play Vulnerability
S-121: VFS Vulnerability
S-122: Cisco Unified Communications Manager CTL Provider Vulnerability
S-123: xorg-x11-server Security Update
S-124: XFree86 Security Update
S-125: Citrix Presentation Server IMA Vulnerability
S-126: Members Area System 'view_func.php' Vulnerability
S-127: GradMan 'info.php' Vulnerability
S-128: AcuraCMS 'stat.php' Vulnerability
S-129: Mantis Vulnerability
S-130: ELOG Vulnerabilities
S-131: BIND Vulnerabilities
S-132: CIMPLICITY 6.1 Security Vulnerabilies
S-133: Xine-lib Vulnerability
S-134: FLAC Vulnerabilities
S-135: libvorbis Vulnerabilities
S-136: International Components for Unicode Library (libicu) Vulnerabilities
S-137: yarssr vulnerability
S-138: CandyPress Vulnerabilities
S-139: Persits Software XUpload 'AddFile()' Method ActiveX Control Vulnerability
S-140: Namo Web Editor "NamoInstaller.dll' ActiveX Control Vulnerability
S-141: Horde3 Vulnerabilities
S-142: scponly Vulnerability
S-143: Cisco Wireless Control System Tomcat mod_jk.so Vulnerability
S-144: Cisco PIX and ASA Time-to-Live Vulnerability
S-145: MySQL-dfsg-5.0 Vulnerabilities
S-146: Joomla! PHP Vulnerabilities
S-147: Connectix Boards 'part_userprofile.php' Vulnerability
S-148: SQLiteManager 'confirm.php' Vulnerability
S-149: SafeNET HighAssurance Remote and SoftRemote IPSecDrv.SYS Vulnerability
S-150: IBM AIX 'piox25.c/poix25remote.sh' Vulnerability
S-151: Chilkat Email 'ChilkatCert.dll' Vulnerability
S-152: WordPress Plugin AdServe Vulnerability
S-153: AmpJuke 'index.php' Vulnerability
S-154: SwiftView ActiveX Control and Plug-in Vulnerability
S-155: Gnumeric XLS HLINK Opcode Handling Vulnerability
S-156: OpenBSD bgplg 'cmd' Parameter Vulnerability
S-157: WordPress WassUp Plugin 'spy.php' Vulnerability
S-158: Aurigma Image Uploader 'ImageUploader4.ocx' ActiveX Control Vulnerability
S-159: Facebook Photo Uploader 4 'ImageUploader4.1.ocx' ActiveX Control Vulnerability
S-160: MySpace Uploader 'MySpaceUploader.ocx' ActiveX Control Vulnerability
S-161: Livelink ECM UTF-7 Vulnerability
S-162: Mozilla Products Vulnerabilities
S-163: Simple DirectMedia Layer 1.2 Vulnerabilities
S-164: Tk Vulnerability
S-165: Yahoo! Music Jukebox YMP Datagrid ActiveX Vulnerabilities
S-166: phpBB2 Vulnerabilities
S-167: Linux-2.6 Vulnerabilities
S-168: net-snmp Vulnerability
S-169: Squid Vulnerability
S-170: KAME Project IPv6 IPComp Vulnerability
S-171: Kernel Security Update
S-172: Vulnerability in WebDAV Mini-Redirector
S-173: Vulnerability in Internet Information Services
S-174: Vulnerability in OLE Automation
S-175: Vulnerability in Microsoft Word
S-176: Cumulative Security Update for Internet Explorer
S-177: Vulnerabilities in Microsoft Works File Converter
S-178: Vulnerabilities in Microsoft Office Publisher
S-179: Vulnerability in Microsoft Office
S-180: Adobe Reader and Acrobat Vulnerabilities
S-181: Mac OS X v10.5 / Security Update 2008-001
S-182: Vulnerability in Active Directory
S-183: Vulnerability in Internet Information Services
S-184: Cisco Unified IP Phone Vulnerabilities
S-185: SkypeFind Vulnerability
S-186: HP System Management Homepage (SMH) for HP-UX Vulnerability
S-187: HP-UX Running the Ignite-UX or the DynRootDisk (DRD) Vulnerabilities
S-188: MPlayer Vulnerabilities
S-189: SQL Injectionin Cisco Unified Communications Manager
S-190: Nagios Vulnerabilities
S-191: Apache mod_jk2 Host Vulnerability
S-192: Kerio MailServer Vulnerabilities
S-193: WordPress Vulnerability
S-194: Citrix MetaFrame Web Manager 'login.asp' Vulnerability
S-195: Novell iPrint Client 'ienipp.ocx' ActiveX Vulnerability
S-196: Cups Security Update
S-197: VMWare Products Shared Folders "MultiByteToWideChar()' Variant Vulnerability
S-198: OpenCA Vulnerability
S-199: OpenLDAP Vulnerability
S-200: splitvt Vulnerability
S-201: PCRE3 Vulnerability
S-202: Cups Security Update
S-203: Alsa-Drive Vulnerability
S-204: OPera Web Browser Vulnerabilities
S-205: PHP-Nuke EasyContent Module 'page_id' Parameter Vulnerability
S-206: Symantec Decomposer Vulnerabilities
S-207: Mozilla Vulnerability in External MIME bodies
S-208: Ghostscript Vulnerability
S-209: activePDF Server Packet Processing Vulnerability
S-210: Rising Web Scan Object 'OL2005.dll' ActiveX Control Vulnerability
S-211: Move Media Player Quantum Streaming Vulnerability
S-212: Mozilla Vulnerability in BMP Decoder
S-213: Nukedit 'email' Parameter Vulnerability
S-214: SurgeMail and WebMail 'Page' Command Vulnerability
S-215: Symantec Backup Exec Scheduler ActiveX Control Multiple Vulnerabilities
S-216: Juniper Networks Secure Access 2000 'rdremediate.cgi' Vulnerability
S-217: Drupal Multiple HTML Vulnerabilities
S-218: gd Security Update
S-219: Juniper Networks Secure Access 2000 Web Root Path Vulnerability
S-220: PHP-Nuke My_eGallery Module 'gid' Parameter Vulnerability
S-221: Learn2 STRunner ActiveX Control Vulnerabilities
S-222: Evolution Security Update
S-223: IBM Tivoli Provisioning Manager for OS Deployment (TPMfOSD) Vulnerability
S-224: Vulnerabilities in Microsoft Office Web Components (MS08-017)
S-225: Vulnerabilities in Microsoft Office (MS08-016)
S-226: Vulnerability in Microsoft Outlook (MS08-015)
S-227: Vulnerabilities in Microsoft Excel (MS08-014)
S-228: CiscoWorks Internetwork Performance Monitor Vulnerability
S-229: Windows Vista Vulnerability
S-230: GNOME Evolution Vulnerability
S-231: Adobe Form Designer and Form Client Vulnerabilities
S-232: HP-UX Running HP CIFS Server (Samba)
S-233: Cisco Secure Access Control Server for Windows User-Changeable Password Vulnerabilities
S-234: Ultra VNC Vulnerability
S-235: RealNetworks RealPlayer ActiveX Vulnerability
S-236: krb5 Security Vulnerabilities
S-237: unzip Vulnerability
S-238: Vulnerability in Microsoft Jet Database Engine (JET)
S-239: XWINE Vulnerabilities
S-240: Asterisk
S-241: Multiple DLSw Denial of Service Vulnerabilities
S-242: Vulnerability in Cisco IOS with OSPF, MPLS VPN, and Supervisor 32, Supervisor 720, or Route Switch Processor 720
S-243: Cisco IOS Virtual Private Dial-up Network Denial of Service Vulnerability
S-244: Cisco IOS User Datagram Protocol Delivery Issue for IPv4/IPv6 Dual-Stack Routers
S-245: HP Tru64 UNIX running SSH/SFTP Server
S-246: Firefox Security Update
S-247: Apple Security Update 2008-002
S-248: HP OpenVMS SSH Using TCP/IP Services for OpenVMS
S-249: Cisco Unified Communications Disaster Recovery Framework Vulnerability
S-250: HP USB Floppy Drive Key (Option) for ProLiant Servers Vulnerability
S-251: Vulnerability in DNS Client
S-252: Vulnerabilities in Microsoft Visio
S-253: Vulnerability in Microsoft Project
S-254: Vulnerabilities in GDI
S-255: Vulnerability in VBScript and JScript Scripting Engines
S-256: Security Update of ActiveX Kill Bits
S-257: Cumulative Security Update for Internet Explorer
S-258: Vulnerability in Windows Kernel
S-259: alsaplayer Vulnerability
S-260: HP Storage Essentials Software Vulnerability
S-261: libxine Security Vulnerabilities
S-262: Cisco IOS Multicast Virtual Private Network (MVPN) Data Leak
S-263: mapserver Vulnerabilities
S-264: Oracle Critical Patch Update - April 2008
S-265: Gnumeric Security Vulnerability
S-266: HP OpenView Network Node Manager (OV NNM) Running Apache
S-267: Cisco Network Admission Control Shared Secret Vulnerability
S-268: OpenOffice.org Security Update
S-269: kdegraphics Security Update
S-270: SeaMonkey Security Update
S-271: ImageMagick Security Update
S-272: Speex Security Update
S-273: Safari 3.1.1 Security Update
S-274: ClamAV Vulnerabilities
S-275: MPlayer Vulnerability
S-276: Python2.4 Vulnerabilities
S-277: Roundup Vulnerability
S-278: suphp Vulnerability
S-279: HP Software Update HPeDiag Running on Windows
S-280: Vulnerability in Windows
S-281: SILC Vulnerabilities
S-282: HP-UX Running WBEM Services
S-283: cPanel XSRF Vulnerabilities
S-284: Border Gateway Protocol Vulnerabilities
S-285: redhat-ds-admin Security Update
S-286: PHP Path Translation Vulnerability
S-287: CA Unicenter DSM ITRM Legends ActiveX Vulnerability
S-288: Vulnerabilities in Microsoft Word
S-289: Vulnerability in Microsoft Publisher
S-290: Vulnerability in Microsoft Jet Database Engine (JET)
S-291: rdesktop Vulnerabilities
S-292: xen Security and Bug Fix Update
S-293: OpenSSL Security Vulnerability
S-294: libvorbis Security Update
S-295: HP-UX Running Apache With PHP
S-296: GnuTLS Security Update
S-297: libxslt Security Update
S-298: Cisco IOS Secure Shell Denial of Service Vulnerabilities
S-300: CiscoWorks Common Services Vulnerability
S-301: Samba Security and Bug Fix Update
S-302: xine-lib Vulnerabilities
S-303: Creative Software AutoUpdate Engine ActiveX Vulnerability
S-304: HP-UX Running HP-UX Secure Shell
S-305: HP-UX Running useradd (1M)
S-306: Apple Security Update 2008-003 / Mac OS X 10.5.3
S-307: Multiple Vulnerabilities in Cisco PIX and Cisco ASA
S-308: HP StorageWorks Storage Mirroring Software
S-309: Evolution Security Update
S-310: CUPS Security Update
S-311: Cumulative Security Update for Internet Explorer
S-312: Vulnerabilities in DirectX
S-313: Vulnerability in WINS
S-314: Vulnerability in Bluetooth Stack
S-315: SNMP Version 3 Authentication Vulnerability
S-316: HP Online Support Services ActiveX StartApp() Vulnerability
S-317: HP OpenView Network Node Manager (OV NNM) Vulnerabilities
S-318: Apple QuickTime Vulnerabilities
S-319: Cisco Intrusion Prevention System Vulnerability
S-320: Citect CitectSCADA Vulnerability
S-321: Novell iPrint Client ActiveX Vulnerabilities
S-322: Deterministic Network Enhancer Vulnerability
S-323: Imlib2 Vulnerabilities
S-324: BackWeb Lite Install Runner ActiveX Vulnerabilities
S-325: xorg-server Vulnerabilities
S-326: Security Update for Adobe reader and Acrobat 8.1.2
S-327: IBMJava2 Security Update
S-328: FreeType Security Update
S-329: SBLIM Security Update
S-330: Cisco Unified Communications Manager Vulnerabilities
S-331: Kernel Security and Bug Fix Update
S-332: Vulnerabilities in DNS
S-333: Vulnerability in Windows Explorer
S-334: Vulnerabilities in Microsoft SQL Server
S-335: Mozilla Firefox Vulnerabilities
S-336: PCRE3 Vulnerability
S-337: Vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access
S-338: Apple Security Update 2008-004 / Mac OS X 10.5.4
S-339: Vulnerabilities in Outlook Web Access for Exchange Server
S-340: HP OpenView Network Node Manager (OV NNM)
S-341: Multiple Cisco Products Vulnernable to DNS Cache Poisoning Attacks
S-342: Popper Vulnerability
S-343: Apple Safari 3.1.2 for Windows
S-344: Ruby Security Update
S-345: Security Vulnerability in the Java Runtime Environment Virtual Machine
S-346: MySQL-dfsg-5.0 Vulnerabilities
S-347: Vulnerability in the ActiveX Control for the Snapshot Viewer for Microsoft Access
S-348: Vulnerability in Microsoft Word
S-349: Vulnerabilities in Microsoft Excel
S-350: Vulnerabilities in Microsoft Office Filters
S-351: Cumulative Security Update for Internet Explorer
S-352: Vulnearbility in Microsoft Windows Image Color Management System
S-353: Vulneabilities in Event System
S-354: Vulnerabilities in Microsoft PowerPoint
S-355: Vulnerability in IPsec Policy Processing
S-356: Security Update for Outlook Express and Windows Mail
S-357: Vulnerability in Windows Messenger
S-358: DNS Vulnerability
S-359: Vulnerability in Cisco WebEx Meeting Manager ActiveX Control
S-360: java-1.5.0-ibm Security Update
S-361: Oracle Critical Patch Update - July 2008
S-362: OpenSC
S-363: libexslt Vulnerability
S-364: ClamAV Vulnerabilities
S-365: Ruby 1.8 Vulnerabilities
S-366: Gaim Vulnerability
S-367: Oracle Weblogic Apache Connector Vulnerability
S-368: RealNetworks Vulnerabilities
S-369: BlackBerry Attachment Service PDF Distiller Vulnerability
S-370: Afuse Vulnerability
S-371: CupsSYS Vulnerabilities
S-372: Vulnerabilities in GDI+
S-373: Vulnerability in Windows Media Encoder 9
S-374: Vulnerability in Windows Media Player
S-375: Vulnerarability in Microsoft Office
S-376: Cisco uBR10012 Series Devices SNMP Vulnerability
S-377: LANDesk QIP Vulnerability
S-378: Vulnerability in Host INtegration Server RPC Service
S-379: Vulnerabilities in Microsoft Excel
S-380: Cumulative Security Update for Internet Explorer
U.S. Department of Energy | 1000 Independence Ave., SW | Washington, DC 20585
1-800-dial-DOE | f/202-586-4403
