[AusNOG] AusCERT Week in Review - Week Ending 30/05/2008 (AUSCERT#20073F686)
Damien Curtain
damien at auscert.org.au
Fri May 30 14:24:07 EST 2008
AusCERT in the Media:
---------------------
Aussie Telco Hands Out Infected USB Drives
Security Pronews, KY
May 28, 2008
http://www.securitypronews.com/insiderreports/insider/spn-49-20080527AussieTelcoHandsOutInfectedUSBDrives.html
Security experts look to 'whitelisting' future
ZDNet UK, UK
May 28, 2008
http://news.zdnet.co.uk/security/0,1000000189,39425179,00.htm
Rootkit threatens Cisco routers
ZDNet.com.au, Australia
May 27, 2008
http://www.zdnet.com.au/news/security/soa/Rootkit-threatens-Cisco-routers/0,130061744,339289366,00.htm
.au domain names increasingly attacked
Secure Computing, Australia
May 26, 2008
http://www.securecomputing.net.au/news/76934,au-domain-names-increasingly-attacked.aspx
Artist formerly known as Patchlink touts whitelists
ZDNet Asia, Asia
May 26, 2008
http://www.zdnetasia.com/news/security/0,39044215,62041786,00.htm
Loans available online
ITWeb, South Africa
May 26, 2008
http://www.itweb.co.za/sections/business/2008/0805260901.asp?A=BUS&S=Business&T=News&O=ST
You're not on the (white)list, you can't come in
ZDNet.com.au, Australia
May 26, 2008
http://www.zdnet.com.au/blogs/dont-fall-for-it/soa/You-re-not-on-the-white-list-you-can-t-come-in/0,2001084681,339289226,00.htm
Notes from AusCERT 2008
ARNnet, Australia
May 25, 2008
http://www.arnnet.com.au/index.php/id;1912435751;fp;4;fpid;1382389953
Second hand security slip-up down under
DaniWeb, VA
May 25, 2008
http://www.daniweb.com/blogs/entry2510.html
USB Drives Given Out at Security Conference Contained Malware
IT Business Edge, KY
May 23, 2008
http://www.itbusinessedge.com/blogs/hdw/?p=2259
Alerts, Advisories and Updates:
-------------------------------
Title: AA-2008.0124 -- [Win][UNIX/Linux] -- Adobe Flash Player prior to
version 9.0.124.0 being actively exploited
Date: 30 May 2008
URL: http://www.auscert.org.au/9372
Title: AL-2008.0064 -- [UNIX/Linux] -- Boundary failure when parsing SMB
responses in Samba
Date: 29 May 2008
URL: http://www.auscert.org.au/9365
Title: AL-2008.0065 -- [Win][Cisco][Solaris] -- CiscoWorks Common Services
Arbitrary Code Execution Vulnerability
Date: 29 May 2008
URL: http://www.auscert.org.au/9369
Title: AA-2008.0115 -- [Win] -- Vulnerability reported in Microsoft Internet
Explorer
Date: 28 May 2008
URL: http://www.auscert.org.au/9308
Title: AL-2008.0063 -- [Win][Linux][Solaris][Mac][OSX] -- Adobe Flash player
code execution vulnerability
Date: 28 May 2008
URL: http://www.auscert.org.au/9363
Title: AA-2008.0123 -- [Win][UNIX/Linux] -- SAP Web Application Server
Cross-Site Scripting Security Vulnerability
Date: 28 May 2008
URL: http://www.auscert.org.au/9364
Title: AA-2008.0119 -- [Win][Linux] -- Patches for Lotus Domino Web Server
correct multiple vulnerabilities
Date: 27 May 2008
URL: http://www.auscert.org.au/9353
Title: AA-2008.0120 -- [Win][UNIX/Linux] -- new versions of stunnel released
correcting two vulnerabilities
Date: 27 May 2008
URL: http://www.auscert.org.au/9354
Title: AA-2008.0121 -- [UNIX/Linux] -- New mambo release corrects several
vulnerabilities
Date: 27 May 2008
URL: http://www.auscert.org.au/9357
Title: AA-2008.0122 -- [Appliance] -- Patch for Barracuda Networks Spam
Firewall correct XSS vulnerability
Date: 27 May 2008
URL: http://www.auscert.org.au/9358
Title: AA-2008.0118 -- [UNIX/Linux] -- Nagios 2.12 released correcting a
Cross
Site Scripting vulnerability
Date: 26 May 2008
URL: http://www.auscert.org.au/9348
External Security Bulletins:
----------------------------
Title: ESB-2008.0562 -- [Win] -- Symantec Backup Exec System Recovery
Manager
- Directory Traversal Vulnerability
Date: 30 May 2008
OS: Windows 2003, Windows 2000
URL: http://www.auscert.org.au/9371
Title: ESB-2008.0561 -- [Win][UNIX/Linux] -- OpenSSL 0.9.8h released fixing
two moderate security flaws
Date: 29 May 2008
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Red Hat Linux, Mac OS X, HP-UX, AIX, Windows
Vista
URL: http://www.auscert.org.au/9370
Title: ESB-2008.0560 -- [OSX] -- Security Update 2008-003 and Mac OS X
v10.5.3
Date: 29 May 2008
OS: Mac OS X
URL: http://www.auscert.org.au/9368
Title: ESB-2008.0559 -- [Debian] -- New libxslt packages fix execution of
arbitrary code
Date: 29 May 2008
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/9367
Title: ESB-2008.0558 -- [RedHat] -- Critical: samba security update
Date: 29 May 2008
OS: Red Hat Linux
URL: http://www.auscert.org.au/9366
Title: ESB-2008.0557 -- [Win][Linux][Solaris][AIX] -- IBM HTTP Server
V2.0.47
Cumulative Interim Fix
Date: 28 May 2008
OS: Solaris, Ubuntu, Debian GNU/Linux, Windows 2003, Windows 2000, Other
Linux Variants, Red Hat Linux, AIX
URL: http://www.auscert.org.au/9362
Title: ESB-2008.0556 -- [Mobile Device] -- Motorola RAZR JPG Processing
Stack
Overflow Vulnerability
Date: 28 May 2008
URL: http://www.auscert.org.au/9361
Title: ESB-2008.0555 -- [Win] -- EMC AlphaStor Server Agent and Library
Manager Multiple Vulnerabilities
Date: 28 May 2008
OS: Windows 2003, Windows 2000, Windows XP, Windows Vista
URL: http://www.auscert.org.au/9360
Title: ESB-2008.0554 -- [Debian] -- New Linux 2.6.18 packages fix several
vulnerabilities
Date: 28 May 2008
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/9359
Title: ESB-2008.0553 -- [RedHat] -- Low: Red Hat Network Proxy Server
security
update
Date: 27 May 2008
OS: Red Hat Linux
URL: http://www.auscert.org.au/9356
Title: ESB-2008.0552 -- [RedHat] -- Moderate: Red Hat Network Satellite
Server
Solaris client security update
Date: 27 May 2008
OS: Red Hat Linux
URL: http://www.auscert.org.au/9355
Title: ESB-2008.0551 -- [AIX] -- Multiple AIX advisories
Date: 27 May 2008
OS: AIX
URL: http://www.auscert.org.au/9352
Title: ESB-2008.0550 -- [Appliance] -- Storage Management Appliance (SMA),
Microsoft Patch Applicability MS08-026 to MS08-029
Date: 27 May 2008
URL: http://www.auscert.org.au/9351
Title: ESB-2008.0549 -- [UNIX/Linux][Debian] -- New mtr packages fix
execution
of arbitrary code
Date: 27 May 2008
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS
X,
HP-UX, AIX
URL: http://www.auscert.org.au/9350
Title: ESB-2008.0548 -- [Win] -- Multiple vulnerabilities in Citrix products
Date: 26 May 2008
OS: Windows 2003, Windows 2000
URL: http://www.auscert.org.au/9349
Title: ESB-2008.0547 -- [HP-UX] -- HP-UX Running HP-UX Secure Shell, Local
Unauthorized Access and Denial of Service (DoS)
Date: 26 May 2008
OS: HP-UX
URL: http://www.auscert.org.au/9347
Title: ESB-2008.0546 -- [RedHat] -- Low: nss_ldap security and bug fix
update
Date: 26 May 2008
OS: Red Hat Linux
URL: http://www.auscert.org.au/9346
Title: ESB-2008.0545 -- [RedHat] -- Low: mysql security and bug fix update
Date: 26 May 2008
OS: Red Hat Linux
URL: http://www.auscert.org.au/9345
Title: ESB-2008.0544 -- [RedHat] -- Low: dovecot security and bug fix update
Date: 26 May 2008
OS: Red Hat Linux
URL: http://www.auscert.org.au/9344
Title: ESB-2008.0543 -- [UNIX/Linux][RedHat] -- Low: compiz security update
Date: 26 May 2008
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS
X,
HP-UX, AIX
URL: http://www.auscert.org.au/9343
Title: ESB-2008.0542 -- [Debian] -- New xine-lib packages fix several
vulnerabilities
Date: 26 May 2008
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/9342
Title: ESB-2008.0541 -- [Win][UNIX/Linux] -- Cross-Site Scripting
Vulnerability in the Sun Java System Web Server Advanced Search
Mechanism
Date: 26 May 2008
OS: Solaris, Windows 2003, Windows 2000, Windows XP, Red Hat Linux,
HP-UX,
AIX
URL: http://www.auscert.org.au/9341
Title: ESB-2008.0540 -- [Solaris] -- A Security Vulnerability in the Solaris
10 STREAMS Administrative Driver ("sad") May Allow a Denial of
Service
Date: 26 May 2008
OS: Solaris
URL: http://www.auscert.org.au/9340
Title: ESB-2008.0514 -- [UNIX][HP-UX] -- HP-UX Running useradd(1M), Local
Unauthorized Access
Date: 28 May 2008
OS: HP-UX
URL: http://www.auscert.org.au/9313
Title: ESB-2008.0496 -- [HP-UX] -- HP-UX Running ftp, Remote Denial of
Service
(DoS)
Date: 29 May 2008
OS: HP-UX
URL: http://www.auscert.org.au/9273
Title: ESB-2007.0490 -- [Solaris] -- libpng(3) Contains a Denial of Service
(DoS) Vulnerability
Date: 26 May 2008
OS: Solaris
URL: http://www.auscert.org.au/7800
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
More information about the AusNOG
mailing list