[AusNOG] AusCERT Week in Review - Week Ending 28/04/2006
matthew at auscert.org.au
matthew at auscert.org.au
Fri Apr 28 17:23:46 EST 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi all,
The following is a summary of what we have pushed to our subscribers for
the past week.
In other news the past two days has seen another trojan-spam run ala:
http://www.auscert.org.au/render.html?it=6195
We are particulary interested in any feedback about as the secondary
infection process involves a Hacker Defender rootkit that was being
distributed via:
nyneznay. com/cgi-bin/dloader.cgi
I hope this is of some use. Feedback appreciated.
Best regards,
AusCERT Week in Review
28 April 2006
Papers, Articles and other documents:
- -------------------------------------
Alerts, Advisories and Updates:
- -------------------------------
Title: AL-2006.0030 -- [Mac][OSX] -- Multiple unpatched Mac OS X
vulnerabilities in Safari, BOMArchiveHelper and graphics handling
routines
Date: 28 April 2006
URL: http://www.auscert.org.au/6250
Title: AL-2006.0029 -- [Win] -- Vulnerability in the handling of HTML OBJECT
tags by several Microsoft products
Date: 27 April 2006
URL: http://www.auscert.org.au/6240
Title: AU-2006.0012 -- AusCERT Update - [Win] - Microsoft Security Bulletin
MS06-015 Re-Release
Date: 27 April 2006
URL: http://www.auscert.org.au/6239
External Security Bulletins:
- ----------------------------
Title: ESB-2005.0940 -- [HP-UX] -- SSRT051074 Revised - HP-UX Running xterm
Local Unauthorized Access
Date: 28 April 2006
OS: HP-UX
URL: http://www.auscert.org.au/5774
Title: ESB-2006.0306 -- [NetBSD] -- An audio subsystem race condition may
crash the system
Date: 28 April 2006
OS: Other BSD Variants
URL: http://www.auscert.org.au/6249
Title: ESB-2006.0305 -- Scripts in eBay Postings May Enable Phishing Attacks
Date: 28 April 2006
OS: HP Tru64 UNIX, Solaris, IRIX, OpenBSD, Other BSD Variants, FreeBSD,
HP-UX, Debian GNU/Linux, Red Hat Linux, AIX, Novell Netware, Windows
2003, Windows 2000, Windows NT 4, Windows ME, Windows XP, Windows
98/98SE, Mac OS X, Windows CE
URL: http://www.auscert.org.au/6248
Title: ESB-2006.0304 -- [Win][Linux][HP-UX][Solaris] -- HP Oracle for OpenView
(OfO) Critical Patch Update April 2006
Date: 28 April 2006
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Windows 2000, Other Linux
Variants, Red Hat Linux, Windows NT 4, HP-UX
URL: http://www.auscert.org.au/6247
Title: ESB-2006.0303 -- [Debian] -- New Mozilla packages fix several
vulnerabilities
Date: 28 April 2006
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/6246
Title: ESB-2006.0302 -- [UNIX/Linux][Debian] -- New OpenVPN packages fix
arbitrary code execution
Date: 28 April 2006
OS: Solaris, Debian GNU/Linux, Other BSD Variants, Windows 2003, OpenBSD,
Windows 2000, FreeBSD, Other Linux Variants, Windows XP, Red Hat Linux
URL: http://www.auscert.org.au/6245
Title: ESB-2006.0301 -- [Win][Linux][HP-UX][Solaris][AIX] -- Sun Java System
Directory Server: Denial of Service May Occur Due to Large Memory
Allocation for Specific LDAP Requests
Date: 28 April 2006
OS: Solaris, Debian GNU/Linux, Windows 2003, Windows 2000, Other Linux
Variants, Red Hat Linux, HP-UX, AIX
URL: http://www.auscert.org.au/6244
Title: ESB-2006.0300 -- [Win] -- Juniper Networks SSL-VPN Client Buffer
Overflow
Date: 28 April 2006
OS: Windows 2003, Windows 2000, Windows XP, Windows NT 4
URL: http://www.auscert.org.au/6243
Title: ESB-2006.0299 -- [UNIX/Linux][Debian] -- New abcmidi packages fix
arbitrary code execution
Date: 28 April 2006
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X, HP-UX,
AIX
URL: http://www.auscert.org.au/6242
Title: ESB-2006.0298 -- [Debian] -- New Cyrus SASL packages fix denial of
service
Date: 28 April 2006
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/6241
Title: ESB-2006.0297 -- [Debian] -- New Mozilla Firefox packages fix several
vulnerabilities
Date: 27 April 2006
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/6238
Title: ESB-2006.0296 -- [Win][UNIX/Linux][RedHat] -- Moderate: php security
update
Date: 26 April 2006
OS: Solaris, HP Tru64 UNIX, Windows 98/98SE, Debian GNU/Linux, Other BSD
Variants, IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other
Linux Variants, Windows XP, Red Hat Linux, Windows NT 4, Mac OS X,
HP-UX, AIX, Windows ME
URL: http://www.auscert.org.au/6237
Title: ESB-2006.0295 -- [UNIX/Linux][RedHat] -- Moderate: ipsec-tools security
update
Date: 26 April 2006
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, HP-UX, AIX
URL: http://www.auscert.org.au/6236
Title: ESB-2006.0294 -- [UNIX/Linux][Debian] -- New abc2ps packages fix
arbitrary code execution
Date: 26 April 2006
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, HP-UX, AIX
URL: http://www.auscert.org.au/6235
Title: ESB-2006.0293 -- [Solaris] -- Privileged Applications Linked to
libpkcs11(3LIB) Which Obtain Password Entries Using getpwnam(3C) May
Fail or Possibly Grant Elevated Privileges to Local Users
Date: 26 April 2006
OS: Solaris
URL: http://www.auscert.org.au/6234
Title: ESB-2006.0292 -- [UNIX/Linux][Debian] -- New gdm packages fix local
root exploit
Date: 26 April 2006
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, HP-UX, AIX
URL: http://www.auscert.org.au/6233
Title: ESB-2006.0291 -- [Win][UNIX/Linux][Debian][Mac] -- New blender packages
fix several vulnerabilities
Date: 26 April 2006
OS: Solaris, HP Tru64 UNIX, Windows 98/98SE, Debian GNU/Linux, Other BSD
Variants, IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other
Linux Variants, Windows XP, Red Hat Linux, Windows NT 4, Mac OS X,
HP-UX, AIX, Windows ME
URL: http://www.auscert.org.au/6232
Title: ESB-2006.0290 -- [UNIX/Linux] -- Cyrus-SASL DIGEST-MD5
Pre-Authentication Denial of Service
Date: 24 April 2006
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X, HP-UX,
AIX
URL: http://www.auscert.org.au/6231
Title: ESB-2006.0289 -- [SCO] -- X Server Arbitrary Code Execution
Vulnerability
Date: 24 April 2006
URL: http://www.auscert.org.au/6230
Title: ESB-2006.0288 -- [SCO] -- CUPS Multiple Buffer Overflow Vulnerabilities
Date: 24 April 2006
URL: http://www.auscert.org.au/6229
Title: ESB-2006.0287 -- [SCO] -- GhostScript Insecure Temporary File Creation
Vulnerability
Date: 24 April 2006
URL: http://www.auscert.org.au/6228
Title: ESB-2006.0286 -- [Linux][Debian][FreeBSD] -- New zgv and xzgv packages
fix arbitrary code execution
Date: 24 April 2006
OS: Debian GNU/Linux, FreeBSD, Other Linux Variants, Red Hat Linux
URL: http://www.auscert.org.au/6227
Title: ESB-2006.0285 -- [RedHat] -- Critical: thunderbird security update
Date: 24 April 2006
OS: Red Hat Linux
URL: http://www.auscert.org.au/6226
Title: ESB-2006.0261 -- [HP-UX] -- HP-UX running Sendmail, Remote Execution of
Arbitrary Code
Date: 28 April 2006
OS: HP-UX
URL: http://www.auscert.org.au/6193
Title: ESB-2006.0078 -- [Cisco] -- Cisco VPN 3000 Concentrator Vulnerable to
Crafted HTTP Attack
Date: 27 April 2006
OS: Cisco Products
URL: http://www.auscert.org.au/5970
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (FreeBSD)
Comment: http://www.auscert.org.au/render.html?it=1967
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBRFHDAih9+71yA2DNAQKnigP/TRCm7cTiwtLdYblKEqyBELAzVGy/YTfS
tvl3pSlMgyNfX8xWAiK0fKOIJzYAptUTcyiuBdt8XdcZZsJAWcqTnK9PTtQPi1B9
g9+uFJ96v3wwUWIGbf8Dj16UBXHNhhvdQWpCPkEVXJIhvuAfUGaykqN3e+hNSf6q
6LokA+6ReaQ=
=X737
-----END PGP SIGNATURE-----
More information about the AusNOG
mailing list