[AusNOG] AusCERT Week in Review - Week Ending (03/09/2010) (AUSCERT#20073f686)
Jonathan Levine
jonathan at auscert.org.au
Fri Sep 3 16:41:29 EST 2010
AusCERT Week in Review
3 September 2010
Papers, Articles and other documents:
- -------------------------------------
Title: Microsoft Enhanced Mitigation Experience Toolkit 2.0 is Now Available
Date: 03 September 2010
URL: http://www.auscert.org.au/13287
Title: MOAUB - 30 days of 0days, Binary Analysis and PoCs
Date: 02 September 2010
URL: http://www.auscert.org.au/13283
Alerts, Advisories and Updates:
- -------------------------------
Title: ASB-2010.0201 - [Win][Linux][OSX] Google Chrome: Multiple
vulnerabilities
Date: 03 September 2010
URL: http://www.auscert.org.au/13288
Title: ASB-2010.0200 - [Win][RedHat][Solaris][SUSE] Novell Identity Manager
3.6.1: Administrator compromise - Existing account
Date: 01 September 2010
URL: http://www.auscert.org.au/13279
Title: ASB-2010.0199 - [Win][UNIX/Linux] phpMyAdmin prior to 3.3.6:
Cross-site
scripting - Remote with user interaction
Date: 31 August 2010
URL: http://www.auscert.org.au/13275
External Security Bulletins:
- ----------------------------
Title: ESB-2010.0794 - [RedHat] kernel: Multiple vulnerabilities
Date: 03 September 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13286
Title: ESB-2010.0793 - [Win] HP Operations Agent: Multiple vulnerabilities
Date: 03 September 2010
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008
URL: http://www.auscert.org.au/13285
Title: ESB-2010.0792 - [Win][OSX] iTunes prior to version 10: Multiple
vulnerabilities
Date: 02 September 2010
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista,
Windows Server 2008, Mac OS X
URL: http://www.auscert.org.au/13284
Title: ESB-2010.0791 - [SUSE][OpenSUSE] acroread: Multiple vulnerabilities
Date: 02 September 2010
OS: SUSE
URL: http://www.auscert.org.au/13282
Title: ESB-2010.0790 - [SUSE] kernel: Multiple vulnerabilities
Date: 02 September 2010
OS: SUSE
URL: http://www.auscert.org.au/13281
Title: ESB-2010.0789 - VMware ESX: Multiple vulnerabilities
Date: 01 September 2010
OS: Virtualisation
URL: http://www.auscert.org.au/13280
Title: ESB-2010.0788 - [Win][OSX] QuickTime: Execute arbitrary code/commands
-
Remote with user interaction
Date: 01 September 2010
OS: Windows 2003, Windows XP, Windows 2000, Windows 7, Windows Vista, Mac
OS X, Windows Server 2008
URL: http://www.auscert.org.au/13278
Title: ESB-2010.0787 - [Debian] wireshark: Execute arbitrary code/commands -
Remote/unauthenticated
Date: 01 September 2010
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/13277
Title: ESB-2010.0786 - [Linux] HP Insight Diagnostics Online Edition 8.4 and
earlier: Cross-site scripting - Remote with user interaction
Date: 01 September 2010
OS: Red Hat Linux, HP-UX, SUSE, Other Linux Variants, Debian GNU/Linux,
Ubuntu
URL: http://www.auscert.org.au/13276
Title: ESB-2010.0785 - [Debian] openssl: Execute arbitrary code/commands -
Remote with user interaction
Date: 31 August 2010
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/13274
Title: ESB-2010.0784 - [Debian] openoffice.org: Execute arbitrary
code/commands - Remote with user interaction
Date: 31 August 2010
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/13273
Title: ESB-2010.0783 - [Debian] phpmyadmin: Multiple vulnerabilities
Date: 31 August 2010
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/13272
Title: ESB-2010.0782 - [RedHat] kernel: Multiple vulnerabilities
Date: 31 August 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13271
Title: ESB-2010.0781 - [RedHat] httpd: Multiple vulnerabilities
Date: 31 August 2010
OS: Red Hat Linux
URL: http://www.auscert.org.au/13270
Title: ESB-2010.0780.3 - UPDATE [Win][Linux][HP-UX][Solaris][AIX] DB2:
Multiple vulnerabilities
Date: 01 September 2010
OS: Windows Server 2008, Other Linux Variants, Windows Vista, AIX,
Windows
2000, SUSE, HP-UX, Windows XP, Ubuntu, Debian GNU/Linux, Windows 7,
Red
Hat Linux, Windows 2003, Solaris
URL: http://www.auscert.org.au/13269
Title: ESB-2010.0779 - [Cisco] Cisco IOS XR: Denial of service -
Remote/unauthenticated
Date: 30 August 2010
OS: Cisco Products
URL: http://www.auscert.org.au/13268
Title: ESB-2010.0778 - [Win][UNIX/Linux][Debian] typo3-src: Execute
arbitrary
code/commands - Remote with user interaction
Date: 30 August 2010
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Windows 7,
Mac OS X, Debian GNU/Linux, Ubuntu, HP-UX, Windows XP, Other BSD
Variants, SUSE, OpenBSD, Windows 2000, AIX, FreeBSD, Windows Vista,
Other Linux Variants, Windows Server 2008
URL: http://www.auscert.org.au/13267
Title: ESB-2010.0777 - [Debian] phpmyadmin: Multiple vulnerabilities
Date: 30 August 2010
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/13266
Title: ESB-2010.0774.2 - UPDATE [Win][Linux][OSX] RealPlayer: Execute
arbitrary code/commands - Remote with user interaction
Date: 31 August 2010
OS: Other Linux Variants, Windows Server 2008, Windows Vista, Windows
2000,
SUSE, Windows XP, Ubuntu, Debian GNU/Linux, Mac OS X, Windows 7, Red
Hat Linux, Windows 2003
URL: http://www.auscert.org.au/13262
Title: ESB-2010.0767.2 - UPDATE [Win] Trend Micro Internet Security Pro
2010:
Execute arbitrary code/commands - Remote with user interaction
Date: 01 September 2010
OS: Windows 7, Windows XP, Windows Vista
URL: http://www.auscert.org.au/13255
Title: ESB-2010.0224.3 - UPDATE [VMware ESX][RedHat] VMware: Multiple
vulnerabilities
Date: 01 September 2010
OS: Virtualisation, Red Hat Linux
URL: http://www.auscert.org.au/12489
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
More information about the AusNOG
mailing list