[AusNOG] AusCERT Week in Review - Week Ending 05/06/2009 (AUSCERT#20073f686)
Patrick Mannion
patrick at auscert.org.au
Fri Jun 5 16:22:15 EST 2009
AusCERT Week in Review
05 June 2009
Papers, Articles and other documents:
-------------------------------------
Title: Phishing attack using fraudulent phone numbers
Date: 02 June 2009
URL: http://www.auscert.org.au/11079
Web Log Entries:
----------------
Title: Malware targetting bank ATMs
Date: 05 June 2009
URL: http://www.auscert.org.au/11098
Title: Audio recording of CBA telephone phishing
Date: 04 June 2009
URL: http://www.auscert.org.au/11089
Title: Phishing attacks by telephone
Date: 02 June 2009
URL: http://www.auscert.org.au/11080
Alerts, Advisories and Updates:
-------------------------------
Title: AA-2009.0135 -- [Win][Linux][HP-UX][Solaris][AIX] -- DB2 9.5 and 9.1:
Multiple vulnerabilities
Date: 04 June 2009
URL: http://www.auscert.org.au/11092
Title: AA-2009.0136 -- [Win][UNIX/Linux] -- Joomla!: Cross-site Scripting
Date: 04 June 2009
URL: http://www.auscert.org.au/11093
Title: AA-2009.0134 -- [Linux] -- strongSwan: Denial of Service
Date: 03 June 2009
URL: http://www.auscert.org.au/11083
Title: AA-2009.0131 -- [Win] -- Microsoft DirectShow: Execute Arbitrary Code
Date: 01 June 2009
URL: http://www.auscert.org.au/11066
Title: AA-2009.0132 -- [IBM HMC] -- IBM Hardware Management Console: Reduced
Security
Date: 01 June 2009
URL: http://www.auscert.org.au/11069
Title: AA-2009.0133 -- [Netware][Linux] -- Novell Netstorage: Multiple
Vulnerabilities
Date: 01 June 2009
URL: http://www.auscert.org.au/11072
External Security Bulletins:
----------------------------
Title: ESB-2009.0691 -- [Win][UNIX/Linux] -- Apache Tomcat: Modify Arbitrary
Files
Date: 05 June 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Windows Server 2008, Red Hat Linux, Mac OS X,
HP-UX, AIX, Windows Vista
URL: http://www.auscert.org.au/11097
Title: ESB-2009.0690 -- [Win][UNIX/Linux][Solaris] -- Sun Java System Web
Server 6.1 Reverse Proxy Plug-in: Execute Arbitrary Code
Date: 05 June 2009
OS: HP Tru64 UNIX, Solaris, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Windows Server 2008, Red Hat Linux, Mac OS X,
HP-UX, AIX, Windows Vista
URL: http://www.auscert.org.au/11096
Title: ESB-2009.0689 -- [Win][Linux][Solaris][AIX] -- Sun GlassFish Enterprise
Server and Sun Java System Application Server: Execute Arbitrary Code
Date: 05 June 2009
OS: Windows Vista, AIX, Mac OS X, Red Hat Linux, Windows Server 2008,
Windows XP, Other Linux Variants, Windows 2000, Windows 2003, Debian
GNU/Linux, Ubuntu, Solaris
URL: http://www.auscert.org.au/10979
Title: ESB-2009.0533 -- [Solaris][OpenSolaris] -- Solaris Kerberos Credential
Management: Inappropriate Access
Date: 05 June 2009
OS: Solaris
URL: http://www.auscert.org.au/11095
Title: ESB-2009.0532 -- [Win][UNIX/Linux][Debian] -- apr-util: Denial of
Service
Date: 05 June 2009
OS: Debian GNU/Linux, Windows 2003, Windows 2000, Windows XP, Windows
Server 2008, Windows Vista
URL: http://www.auscert.org.au/11094
Title: ESB-2009.0531 -- [Win][UNIX/Linux] -- Drupal third-party modules:
Cross-site Scripting
Date: 04 June 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Windows Server 2008, Red Hat Linux, Mac OS X,
HP-UX, AIX, Windows Vista
URL: http://www.auscert.org.au/11091
Title: ESB-2009.0530 -- [Win][UNIX/Linux] -- Tomcat: Multiple vulnerabilities
Date: 04 June 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Windows Server 2008, Red Hat Linux, Mac OS X,
HP-UX, AIX, Windows Vista
URL: http://www.auscert.org.au/11090
Title: ESB-2009.0529 -- [UNIX/Linux][RedHat] -- cups: Execute Arbitrary Code
Date: 04 June 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X,
HP-UX, AIX
URL: http://www.auscert.org.au/11088
Title: ESB-2009.0528 -- [RedHat] -- kernel-rt: Multiple vulnerabilities
Date: 04 June 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/11087
Title: ESB-2009.0527 -- [Linux][Debian] -- kernel: Increased Privileges
Date: 03 June 2009
OS: Ubuntu, Debian GNU/Linux, Other Linux Variants, Red Hat Linux
URL: http://www.auscert.org.au/11086
Title: ESB-2009.0526 -- [RedHat] -- kernel: Increased Privileges
Date: 03 June 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/11085
Title: ESB-2009.0525 -- [Debian] -- libapache-mod-jk: Access Confidential Data
Date: 03 June 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/11084
Title: ESB-2009.0524 -- [Mac][OSX] -- Apple Terminal xterm: Execute Arbitrary
Code
Date: 03 June 2009
OS: Mac OS X
URL: http://www.auscert.org.au/11082
Title: ESB-2009.0523 -- [UNIX/Linux][Debian] -- cups/cupsys: Denial of Service
Date: 03 June 2009
OS: Ubuntu, Debian GNU/Linux, Other BSD Variants, IRIX, OpenBSD, FreeBSD,
Other Linux Variants, Red Hat Linux, Mac OS X, HP-UX, AIX
URL: http://www.auscert.org.au/11081
Title: ESB-2009.0522 -- [RedHat] -- Red Hat Enterprise Linux 2.1 - End-Of-Life
notification
Date: 02 June 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/11078
Title: ESB-2009.0521 -- [Win] -- Safenet SoftRemote: Execute Arbitrary Code
Date: 02 June 2009
OS: Windows 2003, Windows 2000, Windows XP, Windows Server 2008, Windows
Vista
URL: http://www.auscert.org.au/11077
Title: ESB-2009.0520 -- [Win][UNIX/Linux][Debian] -- drupal: Cross-site
Scripting
Date: 02 June 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Windows Server 2008, Red Hat Linux, Mac OS X,
HP-UX, AIX, Windows Vista
URL: http://www.auscert.org.au/11076
Title: ESB-2009.0519 -- [Debian] -- Cyrus-sasl: Execute Arbitrary Code
Date: 02 June 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/11075
Title: ESB-2009.0518 -- [Win][Mac][OSX] -- iTunes: Execute Arbitrary Code
Date: 04 June 2009
OS: Windows Vista, Mac OS X, Windows XP
URL: http://www.auscert.org.au/11074
Title: ESB-2009.0517 -- [Win][Mac][OSX] -- QuickTime: Execute Arbitrary Code
Date: 04 June 2009
OS: Windows Vista, Mac OS X, Windows XP
URL: http://www.auscert.org.au/11073
Title: ESB-2009.0516 -- [NetBSD] -- NetBSD 3.x: End-Of-Life notification
Date: 01 June 2009
OS: Other BSD Variants
URL: http://www.auscert.org.au/11071
Title: ESB-2009.0515 -- [Win][UNIX/Linux] -- Drupal third-party modules:
Execute Arbitrary Code
Date: 01 June 2009
OS: Windows Vista, AIX, HP-UX, Mac OS X, Red Hat Linux, Windows Server
2008, Windows XP, Other Linux Variants, FreeBSD, Windows 2000, OpenBSD,
Windows 2003, IRIX, Other BSD Variants, Debian GNU/Linux, Ubuntu, HP
Tru64 UNIX, Solaris
URL: http://www.auscert.org.au/11070
Title: ESB-2009.0514 -- [Solaris][OpenSolaris] -- libpng: Execute Arbitrary
Code
Date: 01 June 2009
OS: Solaris
URL: http://www.auscert.org.au/11068
Title: ESB-2009.0509 -- [HP-UX] -- HP-UX Running Java: Multiple
Vulnerabilities
Date: 03 June 2009
OS: HP-UX
URL: http://www.auscert.org.au/11055
Title: ESB-2009.0307 -- [VMware ESX] -- ESX: updates for openssl, bind and vim
Date: 02 June 2009
OS: Virtualisation
URL: http://www.auscert.org.au/10742
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
More information about the AusNOG
mailing list