[AusNOG] AusCERT Week in Review - Week Ending 19/03/2010 (AUSCERT#20073f686)
Paul Fahey
paul at auscert.org.au
Fri Mar 19 16:12:09 EST 2010
Alerts, Advisories and Updates:
-------------------------------
Title: ASB-2010.0084 - [z/OS] IBM DB2 Content Manager for z/OS Toolkit:
Reduced security - Unknown/unspecified
Date: 19 March 2010
URL: http://www.auscert.org.au/12537
Title: ASB-2010.0085 - [Win][Netware][Linux][Solaris][AIX] Novell
eDirectory:
Administrator compromise - Remote/unauthenticated
Date: 19 March 2010
URL: http://www.auscert.org.au/12538
Title: ASB-2010.0082 - [Appliance] f5 FirePass and BIG-IP SAM: Multiple
vulnerabilities
Date: 18 March 2010
URL: http://www.auscert.org.au/12534
Title: ASB-2010.0083 - [Win] Google Chrome: Multiple vulnerabilities
Date: 18 March 2010
URL: http://www.auscert.org.au/12535
Title: ASB-2010.0077.2 - UPDATE [Win][UNIX/Linux] Unbound: Denial of service
-
Remote/unauthenticated
Date: 17 March 2010
URL: http://www.auscert.org.au/12516
Title: ASB-2010.0079.2 - UPDATE [Win][UNIX/Linux] GCalendar: Unauthorised
access - Remote/unauthenticated
Date: 17 March 2010
URL: http://www.auscert.org.au/12521
Title: ASB-2010.0081 - [Win] IBM HTTP Server: Execute arbitrary
code/commands
- Remote/unauthenticated
Date: 17 March 2010
URL: http://www.auscert.org.au/12528
Title: ASB-2010.0080 - [UNIX/Linux] SpamAssassin Milter plugin : Execute
arbitrary code/commands - Remote/unauthenticated
Date: 16 March 2010
URL: http://www.auscert.org.au/12524
Title: ASB-2010.0078 - [z/OS] IBM WebSphere Application Server: Multiple
vulnerabilities
Date: 15 March 2010
URL: http://www.auscert.org.au/12517
External Security Bulletins:
----------------------------
Title: ESB-2010.0258 - [Win][UNIX/Linux][Debian] php5: Denial of service -
Remote/unauthenticated
Date: 19 March 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Debian GNU/Linux, Ubuntu, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/12536
Title: ESB-2010.0257 - [Win] Virtual PC: Execute arbitrary code/commands -
Existing account
Date: 18 March 2010
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008
URL: http://www.auscert.org.au/12533
Title: ESB-2010.0256 - [Win][UNIX/Linux] Email Input Filter, Tag Order, Keys
(Drupal third party modules): Multiple vulnerabilities
Date: 18 March 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Windows 2003, Red Hat Linux, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, Windows XP, HP-UX, Other BSD
Variants, SUSE, Windows 2000, OpenBSD, AIX, Windows Vista, FreeBSD,
Windows Server 2008, Other Linux Variants
URL: http://www.auscert.org.au/12532
Title: ESB-2010.0255 - [RedHat] java-1.4.2-ibm: Multiple vulnerabilities
Date: 18 March 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/12531
Title: ESB-2010.0254 - [RedHat] thunderbird: Multiple vulnerabilities
Date: 18 March 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/12530
Title: ESB-2010.0253 - [RedHat] kernel: Multiple vulnerabilities
Date: 17 March 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/12529
Title: ESB-2010.0252 - ALERT [Win] HP Small Form Factor or Microtower PC
with
Broadcom Integrated NIC Firmware: Execute arbitrary code/commands -
Remote/unauthenticated
Date: 17 March 2010
OS: Windows XP, HP-UX, Windows 2000, Windows 7, Windows Vista
URL: http://www.auscert.org.au/12527
Title: ESB-2010.0251 - ALERT [Win] SAP MaxDB: Administrator compromise -
Remote/unauthenticated
Date: 17 March 2010
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008
URL: http://www.auscert.org.au/12526
Title: ESB-2010.0250 - [SUSE][OpenSUSE] OpenOffice.org: Multiple
vulnerabilities
Date: 17 March 2010
OS: Other Linux Variants, SUSE
URL: http://www.auscert.org.au/12525
Title: ESB-2010.0249 - [Linux][Debian] drbd8: Increased privileges -
Existing
account
Date: 16 March 2010
OS: Red Hat Linux, SUSE, Other Linux Variants, Debian GNU/Linux, Ubuntu
URL: http://www.auscert.org.au/12523
Title: ESB-2010.0248 - [UNIX/Linux][RedHat] tar and cpio: Multiple
vulnerabilities
Date: 16 March 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/12522
Title: ESB-2010.0247 - [Win][UNIX/Linux][RedHat] pango: Denial of service -
Remote with user interaction
Date: 16 March 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/12520
Title: ESB-2010.0246 - [SUSE][OpenSUSE] Multiple Packages: Multiple
vulnerabilities
Date: 16 March 2010
OS: Other Linux Variants, SUSE
URL: http://www.auscert.org.au/12519
Title: ESB-2010.0245 - [Win][UNIX/Linux][Debian] pulseaudio: Denial of
service
- Existing account
Date: 16 March 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Debian GNU/Linux, Ubuntu, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/12518
Title: ESB-2010.0244 - [Debian] drupal6: Cross-site scripting -
Remote/unauthenticated
Date: 15 March 2010
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/12515
Title: ESB-2010.0243 - [Win][UNIX/Linux][Debian] moin: Multiple
vulnerabilities
Date: 15 March 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Debian GNU/Linux, Ubuntu, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/12514
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20100319/63229f71/attachment.html>
More information about the AusNOG
mailing list