[AusNOG] AusCERT Week in Review - Week Ending 09/07/2010 (AUSCERT#20073f686)
Paul Fahey
paul at auscert.org.au
Fri Jul 9 15:47:42 EST 2010
Alerts, Advisories and Updates:
-------------------------------
Title: ASB-2010.0164 - [Appliance] f5 BIG-IP 10.1.0: Multiple
vulnerabilities
Date: 09 July 2010
URL: http://www.auscert.org.au/13039
Title: ASB-2010.0163.2 - UPDATE [Win][Linux][Mac][OSX] Google Chrome:
Multiple
vulnerabilities
Date: 07 July 2010
URL: http://www.auscert.org.au/13027
Title: ASB-2010.0162 - [Win] Novell Identity Manager Roles Based
Provisioning
Module 3.7: Cross-site scripting - Remote with user interaction
Date: 06 July 2010
URL: http://www.auscert.org.au/13026
Title: ASB-2010.0161 - [Win] Ruby: Execute arbitrary code/commands -
Remote/unauthenticated
Date: 05 July 2010
URL: http://www.auscert.org.au/13025
External Security Bulletins:
----------------------------
Title: ESB-2010.0603 - [SUSE][OpenSUSE] acroread: Multiple vulnerabilities
Date: 09 July 2010
OS: Other Linux Variants, SUSE
URL: http://www.auscert.org.au/13038
Title: ESB-2010.0602 - [Ubuntu] libpam-modules: Root compromise - Existing
account
Date: 09 July 2010
OS: Ubuntu
URL: http://www.auscert.org.au/13037
Title: ESB-2010.0601 - [RedHat] gfs-kmod: Denial of service - Existing
account
Date: 09 July 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13036
Title: ESB-2010.0600 - [Win][UNIX/Linux][RedHat] libtiff: Multiple
vulnerabilities
Date: 09 July 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/13035
Title: ESB-2010.0599 - [RedHat] scsi-target-utils: Denial of service -
Remote/unauthenticated
Date: 09 July 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13034
Title: ESB-2010.0598 - [UNIX/Linux] rpm: Increased privileges - Existing
account
Date: 08 July 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/13033
Title: ESB-2010.0597 - [Win][UNIX/Linux] MediaWiki: Multiple vulnerabilities
Date: 08 July 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/13032
Title: ESB-2010.0596 - [UNIX/Linux] Avahi: Denial of service -
Remote/unauthenticated
Date: 08 July 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/13031
Title: ESB-2010.0595 - [Cisco] Cisco Industrial Ethernet 3000 Series
Switches:
Unauthorised access - Remote with user interaction
Date: 08 July 2010
OS: Cisco Products
URL: http://www.auscert.org.au/13030
Title: ESB-2010.0594 - [Win][UNIX/Linux] Drupal Third-party modules:
Cross-site request forgery - Remote with user interaction
Date: 08 July 2010
OS: HP Tru64 UNIX, Solaris, IRIX, OpenBSD, Other BSD Variants, FreeBSD,
HP-UX, SUSE, Ubuntu, Debian GNU/Linux, Other Linux Variants, Red Hat
Linux, AIX, Windows 7, Windows Server 2008, Windows Vista, Windows
2003, Windows 2000, Windows XP, Mac OS X
URL: http://www.auscert.org.au/13029
Title: ESB-2010.0593 - [SUSE] java-1_5_0-ibm: Multiple vulnerabilities
Date: 07 July 2010
OS: SUSE
URL: http://www.auscert.org.au/13028
Title: ESB-2010.0592 - [SUSE] kernel: Denial of service -
Remote/unauthenticated
Date: 05 July 2010
OS: SUSE
URL: http://www.auscert.org.au/13024
Title: ESB-2010.0591 - [UNIX/Linux][Debian] mahara: Multiple vulnerabilities
Date: 05 July 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Debian
GNU/Linux, Ubuntu, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX,
FreeBSD, Other Linux Variants
URL: http://www.auscert.org.au/13023
Title: ESB-2010.0527.2 - UPDATE [UNIX/Linux][Debian] pcsc-lite: Root
compromise - Existing account
Date: 05 July 2010
OS: Other Linux Variants, FreeBSD, AIX, OpenBSD, SUSE, Other BSD
Variants,
HP-UX, Ubuntu, Debian GNU/Linux, Mac OS X, Red Hat Linux, Solaris, HP
Tru64 UNIX, IRIX
URL: http://www.auscert.org.au/12911
Title: ESB-2010.0449.2 - UPDATE [Win][UNIX/Linux] lftp, libwww-perl, wget:
Reduced security - Remote with user interaction
Date: 07 July 2010
OS: Windows Server 2008, Other Linux Variants, Windows Vista, FreeBSD,
AIX,
OpenBSD, Windows 2000, SUSE, Other BSD Variants, HP-UX, Windows XP,
Ubuntu, Debian GNU/Linux, Mac OS X, Windows 7, Red Hat Linux, Windows
2003, Solaris, HP Tru64 UNIX, IRIX
URL: http://www.auscert.org.au/12810
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20100709/c0d6341d/attachment.html>
More information about the AusNOG
mailing list