Virus Warnings from February 2006


[Jump to Amiga] [Jump to Windows] [Jump to Mac]
[Jump to Linux] [Jump to Misc]
   Amiga
 
   No warnings for February 2006
 
   Top of Page
 

   Windows
 
    23 February 2006 - Microsoft Security Bulletin for Feb 23 2006
   Security Advisory (914457) has the title of "Possible Vulnerability in
   Windows Service ACLs"
   Reason For Update: Added Microsoft Knowledge Base Article 914392

    23 February 2006 - Microsoft Security Bulletin for Feb 21 2006
   Security Advisory (906267) has the title of "A COM Object (Msdds.dll)
   Could Cause Internet Explorer to Unexpectedly Exit"
   Reason For Update: Advisory updated to direct customers to Security
   Bulletin MS05-052, "Cumulative Security Update for Internet Explorer".

    15 February 2006 - Microsoft Security Bulletin for Feb 14 2006
   Updates are available to address the following issues. For additional
   information, including Technical Details, Workarounds, answers to
   Frequently Asked Questions, and Update Deployment Information please read
   the above Microsoft Security Bulletin Summary for this month
   * MS06-010
   Vulnerability in PowerPoint 2000 could allow information disclosure
   (889167)
   * MS06-009
   Vulnerability in the Korean Input Method Editor could allow elevation of
   privilege (901190)
   * MS06-008
   Vulnerability in Web Client Service could allow remote code execution
   (911927)
   * MS06-007
   Vulnerability in TCP/IP could allow Denial of Service (913446)
   * MS06-006
   Vulnerability in Windows Media Player plug-in with non-Microsoft
   Internet browsers could allow remote code execution (911564)
   * MS06-005
   Vulnerability in Windows Media Player could allow remote code execution
   (911565)
   Bulletin Severity Rating: Critical
   * MS06-004
   Cumulative security update for Internet Explorer (910620)
   Bulletin Severity Rating: Critical

    14 February 2006 - MS Security Advisory (913333)
   Microsoft Feb 7 notification says there is a vulnerability in Internet
   Explorer that could allow remote code execution

    14 February 2006 - MS Security Advisory (914457)
   Microsoft Feb 7 notification says there is a possible vulnerability in
   Windows Service ACLs

    14 February 2006 - Exploits released for Firefox 1.5 flaw
   Viruslist.com news from Kaspersky Labs says malicious code that exploits
   a flaw in Mozilla's Firefox 1.5 browser has been released, making it
   imperative that users update to the latest version. The vulnerability
   allows a remote user to execute arbitrary code and gain full control
   over the victim machine.

    14 February 2006 - FRISK Security Alert: W32/Kapser.A@mm
   W32/Kapser@mm is a mass-mailing worm that first appeared on 16 January
   2006 and is detected and disinfected by F-Prot Antivirus with virus
   signature files dated 16 January or newer. This worm is set to delete
   files on infected computers on the 3 February 2006 and then to repeat
   the action on the third day of each subsequent month, indefinitely. The
   worm is programmed to delete files according to the file type, determined
   by the file name extension.
   For more detailed technical information on this worm go to:
   http://www.f-prot.com/virusinfo/descriptions/kapser_a.html

    05 February 2006 - FRISK Security Alert: W32/Bagle.DX@mm
   Risk: Medium   Discovered: 2 Feb 2006
   W32/Bagle.DX is a mass mailing worm that has its own SMTP engine but
   also tries to spread via P2P networks. It tries to download and
   execute files from the Internet. It kills antivirus related processes
   and modifies the host file to make its detection and removal harder.

    05 February 2006 - FRISK Security Alert: W32/Bagle.DW@mm
   Risk: Medium   Discovered: 2 Feb 2006
   W32/Bagle.DW is a mass mailing worm that has its own SMTP engine but
   also tries to spread via P2P networks. It tries to download and
   execute files from the Internet. It kills antivirus related processes
   and modifies the host file to make its detection and removal harder.

    05 February 2006 - F-Secure Alert: Breplibot.AE
   Alias:    Ryknos, Stinx-F
   New Breplibot variant has been mass spammed to thousands of email inboxes.
   It was spoofed to look like it was coming from f-secure email address,
   including press@f-secure.com and info@f-secure.com. Breplibot.AE is a
   backdoor with bot capabilities. It connects to several IRC servers and
   waits for commands from the backdoor author.

    05 February 2006 - MS05-054: Revised Bulletin on Feb 1 2006
   * MS05-054 - Bulletin revised to call out that defense-in-depth
   improvements have also been made to the kill-bit mechanism.
   Originally posted: December 13, 2005
   Updated: February 1, 2006
   Bulletin Severity Rating: Critical

   Top of Page
 

   Macintosh
 
   No warnings for February 2006

   Top of Page
 

   Linux
 
    27 February 2006 - Debian Security Advisory: DSA 982-1
   Debian's February 27th announcement titled "New gpdf packages fix
   several vulnerabilities" says Derek Noonburg has fixed several potential
   vulnerabilities in xpdf, which are also present in gpdf. Upgrade your
   gpdf package.

    23 February 2006 - Debian Security Advisory: DSA 980-1
   Debian's February 22nd announcement titled "New tutos packages fix
   multiple vulnerabilities" says Joxean Koret discovered several security
   problems in tutos. Upgrade your tutos package.

    17 February 2006 - Latest Debian Security Advisorys for February 2006
    * DSA 979-1
   New pdfkit.framework packages fix several vulnerabilities
   Derek Noonburg has fixed several potential vulnerabilities in xpdf.
   Upgrade your pdfkit.framework package.
    * DSA 978-1
   New GnuPG packages fix invalid success return
   Tavis Ormandy noticed that gnupg, the GNU privacy guard - a free PGP
   replacement, verifies external signatures of files successfully even
   though they don't contain a signature at all. Upgrade your gnupg package.
    * DSA 977-1
   New heimdal packages fix several vulnerabilities
   Two vulnerabilities have been discovered in heimdal. Upgrade your heimdal
   packages.

    15 February 2006 - Latest Debian Security Advisorys for February 2006
    * DSA 976-1
   New libast packages fix arbitrary code execution
   Johnny Mast discovered a buffer overflow in libast. Upgrade your libast
   packages.
    * DSA 975-1
   New nfs-user-server packages fix arbitrary code execution
   Marcus Meissner discovered that attackers can trigger a buffer overflow
   in the path handling code by creating or abusing existing symlinks.
   Upgrade your nfs-user-server package.
    * DSA 974-1
   New gpdf packages fix denial of service
   SuSE researchers discovered heap overflow errors in xpdf. Upgrade your
   gpdf package.
    * DSA 973-1
   New OTRS packages fix several vulnerabilities
   Several vulnerabilities have been discovered in otrs. Upgrade your otrs
   package.
    * DSA 972-1
   New pdfkit.framework packages fix denial of service
   SuSE researchers discovered heap overflow errors in xpdf. Upgrade your
   pdfkit.framework package.

    14 February 2006 - Latest Debian Security Advisorys for February 2006
    * DSA 971-1
   New xpdf packages fix denial of service
   SuSE researchers discovered heap overflow errors in xpdf. Upgrade your
   xpdf packages.
    * DSA 970-1
   New kronolith packages fix cross-site scripting
   Johannes Greil of SEC Consult discovered several cross-site scripting
   vulnerabilities in kronolith. Upgrade your kronolith and kronolith2
   packages.
    * DSA 969-1
   New scponly packages fix potential root vulnerability
   Max Vozeller discovered a vulnerability in scponly. Upgrade your scponly
   package.
    * DSA 968-1
   New noweb packages fix insecure temporary file creation
   Javier Fernandez-Sanguino Pena from the Debian Security Audit project
   discovered that a script in noweb, creates a temporary file in an
   insecure fashion. Upgrade your nowebm package.
    * DSA 967-1
   New elog packages fix arbitrary code execution
   Several security problems have been found in elog. Upgrade your elog
   package.
    * DSA 966-1
   New adzapper packages fix denial of service
   Thomas Reifferscheid discovered that adzapper, can consume a lot of
   CPU resources and hence cause a denial of service on the proxy host.
   Upgrade your adzapper package.
    * DSA 965-1
   New ipsec-tools packages fix denial of service
   The Internet Key Exchange version 1 (IKEv1) implementation in racoon
   from ipsec-tools, IPsec tools for Linux, try to dereference a NULL
   pointer under certain conditions. Upgrade your racoon package.

    05 February 2006 - Latest Debian Security Advisorys for February 2006
    * DSA 962-1
   New pdftohtml packages fix arbitrary code execution
   "infamous41md" and Chris Evans discovered several heap based buffer
   overflows in xpdf which are also present in pdftohtml
    * DSA 963-1
   New mydns packages fix denial of service
   NISCC reported that MyDNS, a DNS server using an SQL database for data
   storage, can be tricked into an infinite loop by a remote attacker and
   hence cause a denial of service condition.
    * DSA 964-1
   New gnocatan packages fix denial of service
   A problem has been discovered in gnocatan, the computer version of the
   settlers of Catan boardgame

   Top of Page
 

   Miscellaneous
 
   No warnings for February 2006
 
   Top of Page
 
   Back to the Virus Archives page

Virus Help Team Canada Site (c)2000-2012 by Charlene
VHT-CAN and our webhoster disclaimes any responsibility for software obtained through this site. All copyrights and trademarks are acknowledged
Contact VHT-Canada

Last Updated: March 01, 2006