Lmh

**Name of the Vulnerable Software and Affected Versions** Apple Mac OS X version 10.3.9 **Description** The issue affects the Bonjour functionality in iChat, allowing remote attackers to cause a denial of service, resulting in a persistent application crash. The exact vectors used for the attack are not specified. **Recommendations** For Apple Mac OS X version 10.3.9, consider disabling the Bonjour functionality in iChat as a temporary workaround to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Apple Airport Extreme firmware version 0.1.27 **Description** The issue allows remote attackers to cause a denial of service, resulting in out-of-bounds memory access and kernel panic, and may have other security-related impacts via certain beacon frames. **Recommendations** For Apple Airport Extreme firmware version 0.1.27, update the firmware to a newer version to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** NetGear WG311v1 wireless adapter version 2.3.1.10 **Description** A heap-based buffer overflow issue exists in the wireless driver, allowing remote attackers to execute arbitrary code via an 802.11 management frame with a long SSID. **Recommendations** For version 2.3.1.10, update the wireless driver to a version that contains a fix for this issue. As a temporary workaround, consider restricting access to the wireless network to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** NetGear MA521 PCMCIA adapter version 5.148.724.2003 **Description** The issue is related to a buffer overflow in the MA521nd5.SYS driver, which can be exploited by remote attackers to execute arbitrary code. This can be achieved via beacon or probe 802.11 frame responses with a long supported rates information element. **Recommendations** For version 5.148.724.2003, consider disabling the MA521nd5.SYS driver until a patch is available to prevent potential exploitation. Restrict access to the affected NetGear MA521 PCMCIA adapter to minimize the risk of exploitation. Avoid using the adapter for critical operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Linux kernel versions 2.6.x before 2.6.24 Linux kernel version 2.6.18 **Description** The issue allows local users to cause a denial of service, resulting in a system hang, by utilizing a malformed minix file stream. This stream triggers an infinite loop in the minix bmap function, potentially due to an integer overflow or signedness error. **Recommendations** For Linux kernel versions 2.6.x before 2.6.24, consider updating to version 2.6.24 or later to resolve the issue. For Linux kernel version 2.6.18, consider updating to version 2.6.24 or later to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** com.apple.AppleDiskImageController in Apple Mac OS X version 10.4.8 **Description** The issue allows remote attackers to potentially execute arbitrary code via a malformed DMG image, which triggers memory corruption. However, the severity of this issue has been disputed, with a third party stating that the impact is limited to a denial of service, specifically a kernel panic, due to a vm fault call with a non-aligned address. **Recommendations** For Apple Mac OS X version 10.4.8, consider avoiding the use of malformed DMG images to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: FreeBSD version 6.1 Description: The issue is related to an integer overflow in the `ffs mountfs` function, which can be triggered by a crafted UFS filesystem. This overflow can cause a denial of service (panic) and potentially allow the execution of arbitrary code when invalid or large size parameters are provided to the `kmem alloc` function. Recommendations: For FreeBSD version 6.1, consider restricting access to mounting filesystems to prevent potential exploitation, as only root users can mount a filesystem. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Debian GNU/Linux kernel-image-2.4.27-4-itanium version 2.4.27-4 Debian GNU/Linux kernel-pcmcia-modules-2.4.27-4-586tsc version 2.4.27-4 Debian GNU/Linux kernel-pcmcia-modules-2.4.27-4-686 version 2.4.27-4 Debian GNU/Linux kernel-pcmcia-modules-2.4.27-4-k7-smp version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-itanium-smp version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-586tsc version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-sparc64 version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-k7 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-s390 version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-686-smp version 2.4.27-4 Debian GNU/Linux hostap-modules-2.4.27-4-386 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-s390-tape version 2.4.27-4 Debian GNU/Linux i2c-2.4.27-4-686 version 2.4.27-4 Debian GNU/Linux kernel-pcmcia-modules-2.4.27-4-k7 version 2.4.27-4 Debian GNU/Linux kernel-pcmcia-modules-2.4.27-4-386 version 2.4.27-4 Debian GNU/Linux hostap-modules-2.4.27-4-586tsc version 2.4.27-4 Debian GNU/Linux i2c-2.4.27-4-586tsc version 2.4.27-4 Debian GNU/Linux pcmcia-modules-2.4.27-4-686 version 2.4.27-4 Debian GNU/Linux lm-sensors-2.4.27-4-k6 version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-sparc64-smp version 2.4.27-4 Debian GNU/Linux kernel-build-2.4.27-4 version 2.4.27-4 Debian GNU/Linux pcmcia-modules-2.4.27-4-386 version 2.4.27-4 Debian GNU/Linux kernel-pcmcia-modules-2.4.27-4-686-smp version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-generic version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-mckinley version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-k7-smp version 2.4.27-4 Debian GNU/Linux hostap-modules-2.4.27-4-k7-smp version 2.4.27-4 Debian GNU/Linux lm-sensors-2.4.27-4-k7 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-smp version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-smp version 2.4.27-4 Debian GNU/Linux i2c-2.4.27-4-686-smp version 2.4.27-4 Debian GNU/Linux pcmcia-modules-2.4.27-4-586tsc version 2.4.27-4 Debian GNU/Linux i2c-2.4.27-4-k7 version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-k7-smp version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-generic version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-s390x version 2.4.27-4 Debian GNU/Linux lm-sensors-2.4.27-4-k7-smp version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-mckinley version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-686 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-k7 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-sparc64-smp version 2.4.27-4 Debian GNU/Linux kernel-pcmcia-modules-2.4.27-4-k6 version 2.4.27-4 Debian GNU/Linux i2c-2.4.27-4-k7-smp version 2.4.27-4 Debian GNU/Linux lm-sensors-2.4.27-4-686 version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-386 version 2.4.27-4 Debian GNU/Linux hostap-modules-2.4.27-4-k7 version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-itanium version 2.4.27-4 Debian GNU/Linux hostap-modules-2.4.27-4-686-smp version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-sparc32-smp version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-sparc32 version 2.4.27-4 Debian GNU/Linux pcmcia-modules-2.4.27-4-k7-smp version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-k6 version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-386 version 2.4.27-4 Debian GNU/Linux i2c-2.4.27-4-k6 version 2.4.27-4 Debian GNU/Linux i2c-2.4.27-4-386 version 2.4.27-4 Debian GNU/Linux hostap-modules-2.4.27-4-k6 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-sparc32-smp version 2.4.27-4 **Description** The issue is related to multiple vulnerabilities in various packages of the Debian GNU/Linux operating system. These vulnerabilities can be exploited remotely and may lead to a denial of service, causing disruption to the availability of protected information. The vulnerabilities are present in different kernel and module packages, including kernel-image, kernel-pcmcia-modules, kernel-headers, hostap-modules, i2c, and lm-sensors. The exploitation of these vulnerabilities can be done remotely. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Debian GNU/Linux kernel-image-2.4.27-4-itanium version 2.4.27-4 Debian GNU/Linux kernel-pcmcia-modules-2.4.27-4-586tsc version 2.4.27-4 Debian GNU/Linux kernel-pcmcia-modules-2.4.27-4-686 version 2.4.27-4 Debian GNU/Linux kernel-pcmcia-modules-2.4.27-4-k7-smp version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-itanium-smp version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-586tsc version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-sparc64 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-s390 version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-k7 version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-686-smp version 2.4.27-4 Debian GNU/Linux hostap-modules-2.4.27-4-386 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-s390-tape version 2.4.27-4 Debian GNU/Linux i2c-2.4.27-4-686 version 2.4.27-4 Debian GNU/Linux kernel-pcmcia-modules-2.4.27-4-k7 version 2.4.27-4 Debian GNU/Linux kernel-pcmcia-modules-2.4.27-4-386 version 2.4.27-4 Debian GNU/Linux hostap-modules-2.4.27-4-586tsc version 2.4.27-4 Debian GNU/Linux i2c-2.4.27-4-586tsc version 2.4.27-4 Debian GNU/Linux pcmcia-modules-2.4.27-4-686 version 2.4.27-4 Debian GNU/Linux lm-sensors-2.4.27-4-k6 version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-sparc64-smp version 2.4.27-4 Debian GNU/Linux kernel-build-2.4.27-4 version 2.4.27-4 Debian GNU/Linux pcmcia-modules-2.4.27-4-386 version 2.4.27-4 Debian GNU/Linux kernel-pcmcia-modules-2.4.27-4-686-smp version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-generic version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-mckinley version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-k7-smp version 2.4.27-4 Debian GNU/Linux lm-sensors-2.4.27-4-686-smp version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-686-smp version 2.4.27-4 Debian GNU/Linux pcmcia-modules-2.4.27-4-k6 version 2.4.27-4 Debian GNU/Linux lm-sensors-2.4.27-4-586tsc version 2.4.27-4 Debian GNU/Linux hostap-modules-2.4.27-4-686 version 2.4.27-4 Debian GNU/Linux pcmcia-modules-2.4.27-4-686-smp version 2.4.27-4 Debian GNU/Linux lm-sensors-2.4.27-4-386 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-sparc64 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-sparc32 version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-586tsc version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-mckinley-smp version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-itanium-smp version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-k6 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-mckinley-smp version 2.4.27-4 Debian GNU/Linux pcmcia-modules-2.4.27-4-k7 version 2.4.27-4 Debian GNU/Linux hostap-modules-2.4.27-4-k7-smp version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-686 version 2.4.27-4 Debian GNU/Linux lm-sensors-2.4.27-4-k7 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-smp version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-smp version 2.4.27-4 Debian GNU/Linux i2c-2.4.27-4-686-smp version 2.4.27-4 Debian GNU/Linux pcmcia-modules-2.4.27-4-586tsc version 2.4.27-4 Debian GNU/Linux i2c-2.4.27-4-k7 version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-generic version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-k7-smp version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-s390x version 2.4.27-4 Debian GNU/Linux lm-sensors-2.4.27-4-k7-smp version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-mckinley version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-686 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-k7 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-sparc64-smp version 2.4.27-4 Debian GNU/Linux kernel-pcmcia-modules-2.4.27-4-k6 version 2.4.27-4 Debian GNU/Linux i2c-2.4.27-4-k7-smp version 2.4.27-4 Debian GNU/Linux lm-sensors-2.4.27-4-686 version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-386 version 2.4.27-4 Debian GNU/Linux hostap-modules-2.4.27-4-k7 version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-itanium version 2.4.27-4 Debian GNU/Linux hostap-modules-2.4.27-4-686-smp version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-sparc32-smp version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-sparc32 version 2.4.27-4 Debian GNU/Linux pcmcia-modules-2.4.27-4-k7-smp version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-k6 version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-386 version 2.4.27-4 Debian GNU/Linux i2c-2.4.27-4-k6 version 2.4.27-4 Debian GNU/Linux i2c-2.4.27-4-386 version 2.4.27-4 Debian GNU/Linux hostap-modules-2.4.27-4-k6 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-sparc32-smp version 2.4.27-4 **Description** The issue is related to multiple vulnerabilities in the Debian GNU/Linux kernel. These vulnerabilities can be exploited remotely and may lead to a denial of service, causing disruption to the availability of protected information. The vulnerabilities exist in various kernel modules and packages, including kernel-image, kernel-pcmcia-modules, kernel-headers, hostap-modules, i2c, pcmcia-modules, lm-sensors, and kernel-build. The exploitation of these vulnerabilities can be done via an ext2 stream with malformed data structures, triggering an error in the ext2 check page due to a length that is smaller than the minimum. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Debian GNU/Linux kernel-image-2.4.27-4-itanium version 2.4.27-4 Debian GNU/Linux kernel-pcmcia-modules-2.4.27-4-686 version 2.4.27-4 Debian GNU/Linux kernel-pcmcia-modules-2.4.27-4-586tsc version 2.4.27-4 Debian GNU/Linux kernel-pcmcia-modules-2.4.27-4-k7-smp version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-itanium-smp version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-586tsc version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-sparc64 version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-k7 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-s390 version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-686-smp version 2.4.27-4 Debian GNU/Linux hostap-modules-2.4.27-4-386 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-s390-tape version 2.4.27-4 Debian GNU/Linux i2c-2.4.27-4-686 version 2.4.27-4 Debian GNU/Linux kernel-pcmcia-modules-2.4.27-4-k7 version 2.4.27-4 Debian GNU/Linux kernel-pcmcia-modules-2.4.27-4-386 version 2.4.27-4 Debian GNU/Linux hostap-modules-2.4.27-4-586tsc version 2.4.27-4 Debian GNU/Linux i2c-2.4.27-4-586tsc version 2.4.27-4 Debian GNU/Linux pcmcia-modules-2.4.27-4-686 version 2.4.27-4 Debian GNU/Linux lm-sensors-2.4.27-4-k6 version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-sparc64-smp version 2.4.27-4 Debian GNU/Linux kernel-build-2.4.27-4 version 2.4.27-4 Debian GNU/Linux pcmcia-modules-2.4.27-4-386 version 2.4.27-4 Debian GNU/Linux kernel-pcmcia-modules-2.4.27-4-686-smp version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-generic version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-mckinley version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-k7-smp version 2.4.27-4 Debian GNU/Linux lm-sensors-2.4.27-4-686-smp version 2.4.27-4 Debian GNU/Linux pcmcia-modules-2.4.27-4-k6 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-686-smp version 2.4.27-4 Debian GNU/Linux lm-sensors-2.4.27-4-586tsc version 2.4.27-4 Debian GNU/Linux hostap-modules-2.4.27-4-686 version 2.4.27-4 Debian GNU/Linux pcmcia-modules-2.4.27-4-686-smp version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-sparc64 version 2.4.27-4 Debian GNU/Linux lm-sensors-2.4.27-4-k7 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-smp version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-smp version 2.4.27-4 Debian GNU/Linux i2c-2.4.27-4-686-smp version 2.4.27-4 Debian GNU/Linux pcmcia-modules-2.4.27-4-586tsc version 2.4.27-4 Debian GNU/Linux i2c-2.4.27-4-k7 version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-generic version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-k7-smp version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-s390x version 2.4.27-4 Debian GNU/Linux lm-sensors-2.4.27-4-k7-smp version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-mckinley version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-686 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-k7 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-sparc64-smp version 2.4.27-4 Debian GNU/Linux kernel-pcmcia-modules-2.4.27-4-k6 version 2.4.27-4 Debian GNU/Linux i2c-2.4.27-4-k7-smp version 2.4.27-4 Debian GNU/Linux lm-sensors-2.4.27-4-686 version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-386 version 2.4.27-4 Debian GNU/Linux hostap-modules-2.4.27-4-k7 version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-itanium version 2.4.27-4 Debian GNU/Linux hostap-modules-2.4.27-4-686-smp version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-sparc32 version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-k6 version 2.4.27-4 Debian GNU/Linux pcmcia-modules-2.4.27-4-k7-smp version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-sparc32-smp version 2.4.27-4 Debian GNU/Linux kernel-headers-2.4.27-4-386 version 2.4.27-4 Debian GNU/Linux i2c-2.4.27-4-k6 version 2.4.27-4 Debian GNU/Linux i2c-2.4.27-4-386 version 2.4.27-4 Debian GNU/Linux hostap-modules-2.4.27-4-k6 version 2.4.27-4 Debian GNU/Linux kernel-image-2.4.27-4-sparc32-smp version 2.4.27-4 **Description** The issue is related to multiple vulnerabilities in various packages of the Debian GNU/Linux operating system. These vulnerabilities can be exploited remotely and may lead to a denial of service, causing disruption to the availability of protected information. The `zlib inflate` function in the Linux kernel 2.6.x is also affected, allowing local users to cause a denial of service via a malformed filesystem that uses zlib compression, triggering memory corruption. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.