[AusNOG] AusCERT Week in Review - Week Ending 22/05/2009 (AUSCERT#20073f686)
Paul Fahey
paul at auscert.org.au
Fri May 22 15:13:40 EST 2009
Alerts, Advisories and Updates:
-------------------------------
Title: AU-2009.0022 -- AusCERT Update - [Debian] - squirrelmail: Remote Code
Execution
Date: 22 May 2009
URL: http://www.auscert.org.au/11031
Title: AA-2009.0121 -- [Win][Linux] -- Novell GroupWise: Multiple
Vulnerabilities
Date: 22 May 2009
URL: http://www.auscert.org.au/11033
Title: AA-2009.0120 -- [OSX] -- Java Runtime Environment: Multiple
Vulnerabilities
Date: 21 May 2009
URL: http://www.auscert.org.au/11030
Title: AL-2009.0041 -- [Win] -- Possible authentication bypass vulnerability
in IIS6
Date: 19 May 2009
URL: http://www.auscert.org.au/11001
Title: AU-2009.0021 -- AusCERT Update - [Win] - Update to recent IIS
vulnerability
Date: 19 May 2009
URL: http://www.auscert.org.au/11009
Title: AL-2009.0042 -- [Win][Linux] -- HP System Management Homepage: Cross
site scripting
Date: 18 May 2009
URL: http://www.auscert.org.au/11005
External Security Bulletins:
----------------------------
Title: ESB-2009.0697 -- [Win][UNIX/Linux] -- Drupal third-party modules:
Multiple Vulnerabilities
Date: 21 May 2009
OS: Windows Vista, AIX, HP-UX, Mac OS X, Red Hat Linux, Windows Server
2008, Windows XP, Other Linux Variants, FreeBSD, Windows 2000,
OpenBSD,
Windows 2003, IRIX, Other BSD Variants, Debian GNU/Linux, Ubuntu, HP
Tru64 UNIX, Solaris
URL: http://www.auscert.org.au/10990
Title: ESB-2009.0497 -- [Linux][Solaris] -- Sun Java System Communications
Express: Cross-Site Scripting
Date: 22 May 2009
OS: Red Hat Linux, Other Linux Variants, Debian GNU/Linux, Ubuntu,
Solaris
URL: http://www.auscert.org.au/11032
Title: ESB-2009.0496 -- [SUSE] -- kernel: Multiple vulnerabilities
Date: 21 May 2009
OS: Other Linux Variants
URL: http://www.auscert.org.au/11029
Title: ESB-2009.0495 -- [SUSE] -- acroread: Execute Arbitrary Code
Date: 21 May 2009
OS: Other Linux Variants
URL: http://www.auscert.org.au/11028
Title: ESB-2009.0494 -- [Win][UNIX/Linux] -- Drupal third-party modules:
Multiple Vulnerabilities
Date: 21 May 2009
OS: Solaris, HP Tru64 UNIX, Windows 98/98SE, Ubuntu, Debian GNU/Linux,
Other BSD Variants, IRIX, Windows 2003, OpenBSD, Windows 2000,
FreeBSD,
Other Linux Variants, Windows XP, Windows Server 2008, Red Hat Linux,
Windows NT 4, Mac OS X, HP-UX, AIX, Windows Vista, Windows ME
URL: http://www.auscert.org.au/11027
Title: ESB-2009.0493 -- [UNIX/Linux][Debian] -- nsd: Denial of Service
Date: 21 May 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, HP-UX,
AIX
URL: http://www.auscert.org.au/11026
Title: ESB-2009.0492 -- [Win] -- CiscoWorks: Access Privileged Data
Date: 21 May 2009
OS: Windows 98/98SE, Windows 2003, Windows 2000, Windows XP, Windows
Server
2008, Windows NT 4, Windows Vista, Windows ME
URL: http://www.auscert.org.au/11025
Title: ESB-2009.0491 -- [RedHat] -- httpd mod_proxy_ajp: Inappropriate
access
Date: 21 May 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/11024
Title: ESB-2009.0490 -- [Debian] -- ipsec-tools: Denial of service
Date: 21 May 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/11023
Title: ESB-2009.0489 -- [Solaris] -- Third-party Applications Using GSS-API:
Execute Arbitrary Code
Date: 20 May 2009
OS: Solaris
URL: http://www.auscert.org.au/11022
Title: ESB-2009.0488 -- [RedHat] -- kernel: Execute Arbitrary Code
Date: 20 May 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/11021
Title: ESB-2009.0487 -- [Win][UNIX/Linux][Solaris][AIX] -- IBM Tivoli
Storage
Manager: Multiple Vulnerabilities
Date: 20 May 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Windows Server 2008, Red Hat Linux, Mac OS X,
HP-UX, AIX, Windows Vista
URL: http://www.auscert.org.au/11020
Title: ESB-2009.0486 -- [AIX] -- AIX libc MALLOCDEBUG: Execute Arbitrary
Code
Date: 20 May 2009
OS: AIX
URL: http://www.auscert.org.au/11019
Title: ESB-2009.0485 -- [Win][Linux] -- HP System Management Homepage:
Cross-site Scripting
Date: 20 May 2009
OS: Ubuntu, Debian GNU/Linux, Windows 2003, Other Linux Variants, Windows
Server 2008, Red Hat Linux
URL: http://www.auscert.org.au/11018
Title: ESB-2009.0484 -- [Debian] -- ntp: Execute Arbitrary Code
Date: 20 May 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/11017
Title: ESB-2009.0483 -- [Debian] -- squirrelmail: Multiple Vulnerabilities
Date: 22 May 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/11016
Title: ESB-2009.0482 -- [Solaris] -- fstat: Denial of Service
Date: 19 May 2009
OS: Solaris
URL: http://www.auscert.org.au/11015
Title: ESB-2009.0481 -- [Win][Linux] -- HP Remote Graphics Software:
Inappropriate access
Date: 19 May 2009
OS: Ubuntu, Debian GNU/Linux, Windows 2003, Windows 2000, Other Linux
Variants, Windows XP, Windows Server 2008, Red Hat Linux, Windows NT
4,
Windows Vista
URL: http://www.auscert.org.au/11014
Title: ESB-2009.0480 -- [RedHat] -- util-linux: Provide misleading
information
Date: 19 May 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/11013
Title: ESB-2009.0479 -- [RedHat] -- nfs-utils: Reduced security
Date: 19 May 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/11011
Title: ESB-2009.0478 -- [RedHat] -- Kernel: Increased privileges
Date: 19 May 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/11010
Title: ESB-2009.0477 -- [RedHat] -- java-1.5.0-ibm: Execute arbitrary code
Date: 19 May 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/11008
Title: ESB-2009.0476 -- [Linux][RedHat] -- ipsec-tools: Denial of service
Date: 19 May 2009
OS: Ubuntu, Debian GNU/Linux, Other Linux Variants, Red Hat Linux
URL: http://www.auscert.org.au/11007
Title: ESB-2009.0475 -- [RedHat] -- ntp: Execute arbitrary code
Date: 19 May 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/11006
Title: ESB-2009.0474 -- [Solaris][OpenSolaris] -- Solaris SASL: Denial of
Service
Date: 18 May 2009
OS: Solaris
URL: http://www.auscert.org.au/11004
Title: ESB-2009.0473 -- [Debian] -- Kernel: Multiple vulnerabilities
Date: 18 May 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/11003
Title: ESB-2009.0472 -- [Win][Linux][FreeBSD][HP-UX][Solaris][AIX] -- Oracle
Outside In: Execute Arbitrary Code/Commands
Date: 18 May 2009
OS: Solaris, Ubuntu, Debian GNU/Linux, IRIX, Windows 2003, Windows 2000,
FreeBSD, Other Linux Variants, Windows XP, Windows Server 2008, Red
Hat
Linux, HP-UX, Windows Vista
URL: http://www.auscert.org.au/11002
Title: ESB-2009.0127 -- [Win][UNIX/Linux] -- HP Storage Essentials SRM,
Remote
Unauthorized Access
Date: 21 May 2009
OS: Windows Vista, AIX, HP-UX, Red Hat Linux, Windows XP, Other Linux
Variants, Windows 2000, Windows 2003, IRIX, Debian GNU/Linux, Ubuntu,
HP Tru64 UNIX, Solaris
URL: http://www.auscert.org.au/8751
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20090522/5bef12e5/attachment.html>
More information about the AusNOG
mailing list