[AusNOG] AusCERT Week in Review - Week Ending 02/10/2009 (AUSCERT#20073f686)
Paul Fahey
paul at auscert.org.au
Fri Oct 2 15:29:18 EST 2009
AusCERT Week in Review
02 October 2009
Alerts, Advisories and Updates:
-------------------------------
Title: ASB-2009.1097.2 - UPDATE [Win] avast! Home/Professional : Multiple
vulnerabilities
Date: 02 October 2009
URL: http://www.auscert.org.au/11719
Title: ASB-2009.1101.2 - UPDATE [Win][Linux][HP-UX][Solaris][AIX] IBM Tivoli
Composite Application Manager for WebSphere: Cross-site scripting -
Remote/unauthenticated
Date: 02 October 2009
URL: http://www.auscert.org.au/11736
Title: ASB-2009.1102 - [Win] Google Chrome: Execute arbitrary code/commands
-
Remote/unauthenticated
Date: 02 October 2009
URL: http://www.auscert.org.au/11742
Title: ASB-2009.1096.2 - UPDATE [Win][Linux][AIX] IBM Lotus Connections:
Cross-site scripting - Remote/unauthenticated
Date: 30 September 2009
URL: http://www.auscert.org.au/11711
Title: ASB-2009.1098.3 - UPDATE [Win][Linux][HP-UX][Solaris][AIX] IBM DB2
V9.1: Multiple vulnerabilities
Date: 30 September 2009
URL: http://www.auscert.org.au/11723
Title: ASB-2009.1099.2 - UPDATE BlackBerry Device: Provide misleading
information - Remote/unauthenticated
Date: 30 September 2009
URL: http://www.auscert.org.au/11724
Title: ASB-2009.1100.2 - UPDATE [Win][Linux][Solaris][AIX] IBM Lotus Quickr:
Cross-site scripting - Remote/unauthenticated
Date: 30 September 2009
URL: http://www.auscert.org.au/11725
External Security Bulletins:
----------------------------
Title: ESB-2009.1365 - [OpenSolaris] Firefox: Multiple vulnerabilities
Date: 02 October 2009
OS: Solaris
URL: http://www.auscert.org.au/11741
Title: ESB-2009.1364.2 - UPDATE [Solaris][OpenSolaris] Solaris IP(7P) Module
and STREAMS Framework: Denial of service - Existing account
Date: 02 October 2009
OS: Solaris
URL: http://www.auscert.org.au/11740
Title: ESB-2009.1363 - [Linux][RedHat] xen: Root compromise - Existing
account
Date: 02 October 2009
OS: Red Hat Linux, Ubuntu, Debian GNU/Linux, SUSE, Other Linux Variants
URL: http://www.auscert.org.au/11739
Title: ESB-2009.1362 - [UNIX/Linux][RedHat] elinks: Multiple vulnerabilities
Date: 02 October 2009
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/11738
Title: ESB-2009.1361 - [UNIX/Linux][Ubuntu] Samba: Multiple vulnerabilities
Date: 02 October 2009
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/11737
Title: ESB-2009.1360 - [Netware] NFS Portmapper & RPC Module: Execute
arbitrary code/commands - Remote/unauthenticated
Date: 01 October 2009
OS: Novell Netware
URL: http://www.auscert.org.au/11735
Title: ESB-2009.1359.2 - UPDATE [Win][UNIX/Linux] Drupal third-party
modules:
Multiple vulnerabilities
Date: 01 October 2009
OS: Windows Server 2008, Other Linux Variants, Windows Vista, FreeBSD,
AIX,
OpenBSD, Windows 2000, SUSE, Other BSD Variants, HP-UX, Windows XP,
Ubuntu, Debian GNU/Linux, Mac OS X, Red Hat Linux, Windows 2003,
Solaris, HP Tru64 UNIX, IRIX
URL: http://www.auscert.org.au/11734
Title: ESB-2009.1358 - [RedHat] openssh: Increased privileges - Existing
account
Date: 01 October 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/11733
Title: ESB-2009.1357 - [RedHat] kernel: Multiple vulnerabilities
Date: 01 October 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/11732
Title: ESB-2009.1356.2 - UPDATE [AIX] IBM: Unauthorised access -
Remote/unauthenticated
Date: 02 October 2009
OS: AIX
URL: http://www.auscert.org.au/11730
Title: ESB-2009.1355 - [RedHat] kernel: Multiple vulnerabilities
Date: 30 September 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/11729
Title: ESB-2009.1354 - [UNIX/Linux][RedHat] kvm: Increased privileges -
Existing account
Date: 30 September 2009
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/11728
Title: ESB-2009.1353 - [RedHat] kernel: Increased privileges - Existing
account
Date: 30 September 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/11727
Title: ESB-2009.1352 - [Win][Linux] HP Remote Graphics Software (RGS)
Sender,:
Unauthorised access - Remote/unauthenticated
Date: 29 September 2009
OS: Windows 2003, Red Hat Linux, Ubuntu, Debian GNU/Linux, HP-UX, Windows
XP, SUSE, Windows 2000, Windows Vista, Windows Server 2008, Other
Linux
Variants
URL: http://www.auscert.org.au/11722
Title: ESB-2009.1351 - [Debian] horde3: Execute arbitrary code/commands -
Remote/unauthenticated
Date: 29 September 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/11721
Title: ESB-2009.1350.2 - UPDATE [Win][UNIX/Linux][Debian] Debian: Multiple
vulnerabilities
Date: 30 September 2009
OS: Windows Server 2008, Other Linux Variants, Windows Vista, FreeBSD,
AIX,
OpenBSD, Windows 2000, SUSE, Other BSD Variants, HP-UX, Windows XP,
Ubuntu, Debian GNU/Linux, Mac OS X, Red Hat Linux, Windows 2003,
Solaris, HP Tru64 UNIX, IRIX
URL: http://www.auscert.org.au/11720
Title: ESB-2009.1349 - [Solaris][OpenSolaris] libtiff: Denial of service -
Existing account
Date: 28 September 2009
OS: Solaris
URL: http://www.auscert.org.au/11718
Title: ESB-2009.1348.2 - UPDATE [Solaris][OpenSolaris] Samba: Modify
arbitrary
files - Existing account
Date: 30 September 2009
OS: Solaris
URL: http://www.auscert.org.au/11717
Title: ESB-2009.1347.2 - UPDATE [Solaris] Solaris Trusted Extensions Common
Desktop Environment: Root compromise - Existing account
Date: 30 September 2009
OS: Solaris
URL: http://www.auscert.org.au/11716
Title: ESB-2009.1346.2 - UPDATE [Solaris] Solaris Cluster 3.2 Configuration
Utility: Root compromise - Existing account
Date: 29 September 2009
OS: Solaris
URL: http://www.auscert.org.au/11715
Title: ESB-2009.1345.2 - UPDATE [Solaris][OpenSolaris] xscreensaver:
Read-only
data access - Console/physical
Date: 29 September 2009
OS: Solaris
URL: http://www.auscert.org.au/11714
Title: ESB-2009.1336.2 - UPDATE [Win][UNIX/Linux] Meta tags / Nodewords,
Markdown Preview, Devel (Drupal third-party modules):: Multiple
vulnerabilities
Date: 29 September 2009
OS: Windows Server 2008, Other Linux Variants, Windows Vista, FreeBSD,
AIX,
OpenBSD, Windows 2000, SUSE, Other BSD Variants, HP-UX, Windows XP,
Ubuntu, Debian GNU/Linux, Mac OS X, Red Hat Linux, Windows 2003,
Solaris, HP Tru64 UNIX, IRIX
URL: http://www.auscert.org.au/11701
Title: ESB-2009.1260.2 - UPDATE [Solaris][OpenSolaris] libxml2: Denial of
service - Remote with user interaction
Date: 30 September 2009
OS: Solaris
URL: http://www.auscert.org.au/11594
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20091002/4ba3cdc4/attachment.html>
More information about the AusNOG
mailing list