Guardian Digital, Inc.

.......

Whether you're a small organization new to the Internet world, or a large organization with dozens of EnGarde servers, your security needs are just as important. A security system that is out of date leaves you more susceptible to cyber vandals. Maintaining system security, effortless system maintenance, free product updates and advice, tech support information, custom security improvements, keeping up to date with the latest software improvements, and obtaining access to technical support has been difficult, until now. Guardian Digital's Secure Network is a means to keep your systems updated while at the same time receiving authoritative advice, information, and additional services from the experts. Have the security experts at Guardian Digital on your team. Click here for more information.

-->

Advisory	Date	Subject
ESA-20010409-01	April 09, 2001	'xntp3' buffer overflow
ESA-20010426-01	May 02, 2001	'openssl' multiple vulnerabilities
ESA-20010508-01	May 08, 2001	'glibc' local vulnerability
ESA-20010509-01	May 23, 2001	'pine' temporary file handling vulnerability
ESA-20010529-02	May 29, 2001	'WebTool' unclean root environment vulnerability
ESA-20010530-01	May 30, 2001	'gnupg' format string vulnerability
ESA-20010620-01	June 20, 2001	'fetchmail-ssl' buffer overflow
ESA-20010620-02	June 20, 2001	'apache' directory listing vulnerability
ESA-20010621-01	June 28, 2001	'xinetd' bug fixes and security updates
ESA-20010709-01	July 10, 2001	'openssl' PRNG weaknesses
ESA-20010711-01	July 11, 2001	'AllCommerce' temporary file creation vulnerability
ESA-20010711-02	July 11, 2001	'sudo' elevated privileges vulnerability
ESA-20010816-01	August 16, 2001	'fetchmail-ssl' contains a memory overwrite vulnerability
ESA-20011019-01	October 19, 2001	'apache' vulnerabilities
ESA-20011019-02	October 19, 2001	'kernel' local DoS and root compromise
ESA-20011019-03	October 19, 2001	'xinetd' potential vulnerabilities
ESA-20011101-01	November 1, 2001	'webalizer' cross-site scripting vulnerability
ESA-20011106-01	November 06, 2001	'kernel' syncookie vulnerability
EBA-20011130-01	November 30, 2001	'imap' expired default certificates
ESA-20011217-01	December 17, 2001	'glibc' globbing buffer overflow
ESA-20011227-01	December 27, 2001	'stunnel' format string vulnerability
ESA-20020114-001	January 14, 2002	'sudo' MTA invocation as root
ESA-20020114-002	January 14, 2002	'pine' URL handling vulnerability
ESA-20020114-003	January 14, 2002	Several LIDS vulnerabilities
ESA-20020125-004	January 25, 2002	'rsync' signed integer handling vulnerability
ESA-20020301-005	March 1, 2002	mod_ssl's session caching potential buffer overflow
ESA-20020301-006	March 1, 2002	Several flaws in PHP's MIME parsing.
ESA-20020307-007	March 7, 2002	Local vulnerability in OpenSSH's channel code.
ESA-20020311-008	March 11, 2002	Double free() in zlib may lead to buffer overflow.
ESA-20020423-009	April 23, 2002	webalizer contains a potentially exploitable buffer overflow.
ESA-20020429-010	April 29, 2002	sudo heap corruption vulnerability
EBA-20020515-011	May 15, 2002	Fix defaults in php.ini
EBA-20020515-012	May 15, 2002	Minor parsing fixes in Daily Summaries report.
ESA-20020607-013	June 07, 2002	Remote buffer overflow in imap daemon.
ESA-20020619-014	June 19, 2002	'apache' chunk handling overflow vulnerability
ESA-20020625-015	June 25, 2002	openssh: introduce privilege separation into sshd
ESA-20020702-016	July 02, 2002	several vulnerabilities in the OpenSSH daemon
ESA-20020702-017	July 02, 2002	off-by-one in mod_ssl's configuration directive handling
ESA-20020724-018	July 24, 2002	Buffer overflow in BIND4-derived resolver code
ESA-20020730-019	July 30, 2002	Several vulnerabilities in the openssl library.
ESA-20020807-020	August 7, 2002	OpenSSL ASN.1 vulnerability fix corrections.
ESA-20021003-021	October 03, 2002	Several glibc security-related updates.
ESA-20021003-022	October 03, 2002	'tar' directory traversal vulnerability.
ESA-20021003-023	October 03, 2002	'fetchmail-ssl' buffer overflows and broken boundary checks.
ESA-20021007-024	October 07, 2002	'apache' potential DoS, cross-site scripting, and buffer overflow vulnerabilities.
ESA-20021016-025	October 16, 2002	'syslog-ng' buffer overflow
ESA-20021022-026	October 22, 2002	'kernel' local vulnerabilities
ESA-20021029-027	October 29, 2002	'mod_ssl' cross-site scripting vulnerability.
ESA-20021029-028	October 29, 2002	'syslog-ng' buffer overflow (UPDATED)
ESA-20021114-029	November 14, 2002	BIND buffer overflow, DoS attacks.
ESA-20021122-030	November 22, 2002	'kernel' local vulnerabilities
ESA-20021122-031	November 22, 2002	PHP upgrade ane security fixes
ESA-20021127-032	November 27, 2002	'pine' version upgrade, security fixes
ESA-20021213-033	December 13, 2002	Several MySQL vulnerabilities.
ESA-20030127-001	January 27, 2003	MySQL vulnerabilities.
ESA-20030127-002	January 27, 2003	'fetchmail' heap overflow
ESA-20030219-003	February 19, 2003	Several PHP vulnerabilities
ESA-20030220-004	February 20, 2003	MySQL double free vulnerability
ESA-20030220-005	February 20, 2003	OpenSSL timing-based attack vulnerability
ESA-20030225-006	February 25, 2003	WebTool session ID spoofing vulnerability.
ESA-20030307-007	March 7, 2003	'snort' buffer overflow vulnerability.
ESA-20030307-008	March 7, 2003	'file' buffer overflow vulnerability
ESA-20030318-009	March 18, 2003	Several 'kernel' vulnerabilities.
ESA-20030320-010	March 20, 2003	Several vulnerabilities in the OpenSSL toolkit.
ESA-20030321-010	March 21, 2003	'glibc' RPC XDR decoder vulnerability.
ESA-20030324-012	March 24, 2003	'MySQL' root exploit.

Guardian Digital, Inc. is not responsible for the misuse of any of the information we provide on this Web site and/or through our security advisories. Our advisories are a service to our customers intended to promote secure installation and use of EnGarde Secure Linux.

[ Company ] - [ Press ] - [ Contact ] - [ System Activation ] - [ Partners ] - [ Store ] - [ Newsletters ] - [ Site Map ]
Copyright (c) 2000- 2010 Guardian Digital, Inc. Linux Lockbox and EnGarde are Trademarks of Guardian Digital, Inc.