[AusNOG] AusCERT Week in Review - Week Ending 29/05/2009	(AUSCERT#20073f686)
    Paul Fahey 
    paul at auscert.org.au
       
    Fri May 29 15:58:23 EST 2009
    
    
  
Alerts, Advisories and Updates:
-------------------------------
Title: AA-2009.0130 -- [Win][UNIX/Linux] -- ImageMagick: Execute Arbitrary
       Code 
Date:  28 May 2009
URL:   http://www.auscert.org.au/11058
 
Title: AU-2009.0023 -- AusCERT Update - [Win] - Microsoft Security Bulletin
       (MS09-003) Major Revision 
Date:  28 May 2009
URL:   http://www.auscert.org.au/11056
 
Title: AL-2009.0041 -- [Win] -- Possible authentication bypass vulnerability
       in IIS6 
Date:  27 May 2009
URL:   http://www.auscert.org.au/11001
 
Title: AA-2009.0125 -- [Win] -- BlackBerry Enterprise Server: Execute
       Arbitrary Code 
Date:  27 May 2009
URL:   http://www.auscert.org.au/11050
 
Title: AA-2009.0126 -- [Win] -- Microsoft Windows Vista and Server 2008
       Service Pack 2 is now available 
Date:  27 May 2009
URL:   http://www.auscert.org.au/11051
 
Title: AA-2009.0127 -- [Win] -- Nortel Contact Center Manager: Inappropriate
       Access 
Date:  27 May 2009
URL:   http://www.auscert.org.au/11052
 
Title: AA-2009.0128 -- [Win][UNIX/Linux] -- DotNetNuke: Execute Arbitrary
       Code
Date:  27 May 2009
URL:   http://www.auscert.org.au/11053
 
Title: AA-2009.0129 -- [Win][UNIX/Linux] -- libsndfile: Execute Arbitrary
       Code
Date:  27 May 2009
URL:   http://www.auscert.org.au/11054
 
Title: AA-2009.0122 -- [Win] -- Panda Security: Reduced Security 
Date:  26 May 2009
URL:   http://www.auscert.org.au/11042
 
Title: AA-2009.0123 -- [Win][Linux][AIX] -- IBM WebSphere Partner Gateway:
       Access Confidential Data 
Date:  26 May 2009
URL:   http://www.auscert.org.au/11044
 
Title: AA-2009.0124 -- [Win][UNIX/Linux] -- Wireshark: Denial of Service 
Date:  26 May 2009
URL:   http://www.auscert.org.au/11046
 
 
External Security Bulletins:
----------------------------
Title: ESB-2008.1053 -- [Solaris] -- A Buffer Overflow Security Vulnerability
       in the Solaris sadmind(1M) Daemon May Lead to Execution of Arbitrary
       Code
Date:  25 May 2009
OS:    Solaris 
URL:   http://www.auscert.org.au/10085
 
Title: ESB-2009.0512 -- [Win] -- Citrix Password Manager: Inappropriate
       Access
Date:  29 May 2009
OS:    Windows 2003, Windows 2000, Windows XP, Windows Server 2008, Windows
       Vista 
URL:   http://www.auscert.org.au/11060
 
Title: ESB-2009.0511 -- [Win][UNIX/Linux] -- Ajax Session (Drupal third-party
       module): Cross-site Request Forgery
Date:  29 May 2009
OS:    Windows Vista, AIX, HP-UX, Mac OS X, Red Hat Linux, Windows Server
       2008, Windows XP, Other Linux Variants, FreeBSD, Windows 2000, OpenBSD,
       Windows 2003, IRIX, Other BSD Variants, Debian GNU/Linux, Ubuntu, HP
       Tru64 UNIX, Solaris
URL:   http://www.auscert.org.au/11059
 
Title: ESB-2009.0510 -- [Win][Netware][UNIX/Linux][RedHat] -- httpd: Execute
       Arbitrary Code 
Date:  28 May 2009
OS:    Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
       Windows 2003, OpenBSD, FreeBSD, Other Linux Variants, Windows XP,
       Windows Server 2008, Red Hat Linux, Novell Netware, HP-UX, AIX, Windows
       Vista
URL:   http://www.auscert.org.au/11057
 
Title: ESB-2009.0509 -- [HP-UX] -- HP-UX Running Java: Multiple
       Vulnerabilities 
Date:  28 May 2009
OS:    HP-UX 
URL:   http://www.auscert.org.au/11055
 
Title: ESB-2009.0508 -- [RedHat] -- Red Hat Application Stack v2.3: Execute
       Arbitrary Code 
Date:  27 May 2009
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/11049
 
Title: ESB-2009.0507 -- [RedHat] -- squirrelmail: Execute Arbitrary Code 
Date:  27 May 2009
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/11048
 
Title: ESB-2009.0506 -- [RedHat] -- rhpki-ra: Inappropriate Access 
Date:  27 May 2009
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/11047
 
Title: ESB-2009.0505 -- [SUSE] -- IBM JDK 5: Multiple Vulnerabilities 
Date:  26 May 2009
OS:    Other Linux Variants 
URL:   http://www.auscert.org.au/11043
 
Title: ESB-2009.0504 -- [RedHat] -- freetype: Execute Arbitrary Code 
Date:  25 May 2009
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/11041
 
Title: ESB-2009.0503 -- [UNIX/Linux][Debian] -- cscope: Execute Arbitrary
       Code
Date:  25 May 2009
OS:    Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
       IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X,
       HP-UX, AIX
URL:   http://www.auscert.org.au/11040
 
Title: ESB-2009.0502 -- [RedHat] -- pidgin: Multiple Vulnerabilities 
Date:  25 May 2009
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/11039
 
Title: ESB-2009.0501 -- [Win][UNIX/Linux][Debian] -- pidgin: Execute Arbitrary
       Code
Date:  25 May 2009
OS:    Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
       IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
       Variants, Windows XP, Windows Server 2008, Red Hat Linux, Mac OS X,
       HP-UX, AIX, Windows Vista 
URL:   http://www.auscert.org.au/11038
 
Title: ESB-2009.0500 -- [Solaris] -- sadmind(1M) Daemon: Execute Arbitrary
       Code 
Date:  25 May 2009
OS:    Solaris 
URL:   http://www.auscert.org.au/11037
 
Title: ESB-2009.0499 -- [OpenSolaris] -- Solaris Secure Digital Slot Driver:
       Execute Arbitrary Code 
Date:  25 May 2009
OS:    Solaris 
URL:   http://www.auscert.org.au/11036
 
Title: ESB-2009.0498 -- [Linux][Solaris] -- Sun Java System Portal Server:
       Execute Arbitrary Code 
Date:  25 May 2009
OS:    Solaris, Ubuntu, Debian GNU/Linux, Other Linux Variants, Red Hat
       Linux
URL:   http://www.auscert.org.au/11035
 
 
 
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
 
Internet Email: auscert at auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================