[AusNOG] AusCERT Week in Review - Week Ending 02/06/2006
matthew at auscert.org.au
matthew at auscert.org.au
Mon Jun 5 14:57:21 EST 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
G'day all,
Sorry about the delay on this.
I hope it is still of some use though,
- -- Matthew McGlashan --
Coordination Centre Team Leader | Hotline: +61 7 3365 4417
Australian Computer Emergency Response Team | Direct: +61 7 3365 7924
(AusCERT) | Fax: +61 7 3365 7031
The University of Queensland | WWW: www.auscert.org.au
Qld 4072 Australia | Email: auscert at auscert.org.au
AusCERT Week in Review
02 June 2006
Papers, Articles and other documents:
-------------------------------------
Alerts, Advisories and Updates:
- -------------------------------
Title: AL-2006.0043 -- [Win][UNIX/Linux] -- New Firefox, Thunderbird and
SeaMonkey versions fix multiple vulnerabilities
Date: 02 June 2006
URL: http://www.auscert.org.au/6364
Title: AA-2006.0033 -- [Win] -- JIWA Financials reporting allows execution of
arbitrary SQL commands
Date: 30 May 2006
URL: http://www.auscert.org.au/6359
Title: AL-2006.0042 -- [Win] -- Symantec AntiVirus and Client Security
vulnerable to remote code execution
Date: 29 May 2006
URL: http://www.auscert.org.au/6338
External Security Bulletins:
- ----------------------------
Title: ESB-2006.0384 -- [Win][UNIX/Linux][RedHat] -- Moderate: dia security
update
Date: 02 June 2006
OS: Red Hat Linux
URL: http://www.auscert.org.au/6363
Title: ESB-2006.0383 -- [VMware] -- Corsaire Security Advisory: VMware ESX
Server Cross Site Scripting issue
Date: 02 June 2006
URL: http://www.auscert.org.au/6362
Title: ESB-2006.0382 -- [UNIX/Linux][RedHat] -- Moderate: zebra security
update
Date: 02 June 2006
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, HP-UX, AIX
URL: http://www.auscert.org.au/6361
Title: ESB-2006.0381 -- [RedHat] -- Moderate: quagga security update
Date: 02 June 2006
OS: Red Hat Linux
URL: http://www.auscert.org.au/6360
Title: ESB-2006.0380 -- [UNIX/Linux][FreeBSD] -- smbfs chroot escape
Date: 01 June 2006
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, HP-UX, AIX
URL: http://www.auscert.org.au/6358
Title: ESB-2006.0379 -- [UNIX/Linux][Debian] -- New motor packages fix
arbitrary code execution
Date: 01 June 2006
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, HP-UX, AIX
URL: http://www.auscert.org.au/6357
Title: ESB-2006.0378 -- [UNIX/Linux][FreeBSD] -- Inoperative access controls
in ypserv(8)
Date: 01 June 2006
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, HP-UX, AIX
URL: http://www.auscert.org.au/6356
Title: ESB-2006.0377 -- [AIX] -- Vulnerability found in lsmcode command
Date: 31 May 2006
OS: AIX
URL: http://www.auscert.org.au/6355
Title: ESB-2006.0376 -- [UNIX/Linux][Debian] -- New lynx and lynx-ssl packages
fix denial of service
Date: 31 May 2006
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, HP-UX, AIX
URL: http://www.auscert.org.au/6354
Title: ESB-2006.0375 -- [UNIX/Linux][Debian] -- New dovecot packages fix
directory traversal
Date: 30 May 2006
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, HP-UX, AIX
URL: http://www.auscert.org.au/6353
Title: ESB-2006.0374 -- [UNIX/Linux][Debian] -- New libextractor packages fix
arbitrary code execution
Date: 30 May 2006
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, HP-UX, AIX
URL: http://www.auscert.org.au/6352
Title: ESB-2006.0373 -- [Linux][Debian] -- New Linux kernel 2.4.17 packages
fix several vulnerabilities
Date: 30 May 2006
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, HP-UX, AIX
URL: http://www.auscert.org.au/6351
Title: ESB-2006.0372 -- [Debian] -- New awstats packages fix arbitrary command
execution
Date: 30 May 2006
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/6350
Title: ESB-2006.0371 -- [UNIX/Linux][Debian] -- New mpg123 packages fix
arbitrary code execution
Date: 29 May 2006
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X, HP-UX,
AIX
URL: http://www.auscert.org.au/6349
Title: ESB-2006.0370 -- [SCO] -- Sendmail Arbitrary Code Execution
Vulnerability
Date: 29 May 2006
URL: http://www.auscert.org.au/6348
Title: ESB-2006.0369 -- [Win][UNIX/Linux] -- HP OpenView Network Node Manager
- Remote Unauthorized Privileged Access, Arbitrary Command Execution
Date: 29 May 2006
OS: Solaris, Debian GNU/Linux, Windows 2000, Other Linux Variants, Windows
XP, Red Hat Linux, Windows NT 4, HP-UX
URL: http://www.auscert.org.au/6347
Title: ESB-2006.0368 -- [HP-UX] -- HP-UX Running Software Distributor Local
Elevation of Privilege
Date: 29 May 2006
OS: HP-UX
URL: http://www.auscert.org.au/6346
Title: ESB-2006.0367 -- [Win][UNIX/Linux] -- HP OpenView Storage Data
Protector Remote Arbitrary Command Execution
Date: 29 May 2006
OS: HP-UX
URL: http://www.auscert.org.au/6345
Title: ESB-2006.0366 -- [Debian] -- New MySQL 4.1 packages fix several
vulnerabilities
Date: 29 May 2006
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/6344
Title: ESB-2006.0365 -- [HP-UX] -- HP-UX Local Denial of Service (DoS)
Date: 29 May 2006
OS: HP-UX
URL: http://www.auscert.org.au/6343
Title: ESB-2006.0364 -- [HP-UX] -- HP-UX Running Motif Applications Remote
Arbitrary Code Execution, Denial of Service
Date: 29 May 2006
OS: HP-UX
URL: http://www.auscert.org.au/6342
Title: ESB-2006.0363 -- [Win][Linux][Solaris] -- Cross Site Scripting
Vulnerability in Sun ONE and Sun Java System Applications
Date: 29 May 2006
OS: Solaris, Debian GNU/Linux, Windows 2003, Windows 2000, Other Linux
Variants, Red Hat Linux
URL: http://www.auscert.org.au/6341
Title: ESB-2006.0362 -- [Solaris] -- Security Vulnerability in the Solaris 9
in.ftpd(1M) Server May Allow Unauthorized Directory Access
Date: 29 May 2006
OS: Solaris
URL: http://www.auscert.org.au/6340
Title: ESB-2006.0361 -- [Tru64] -- HP Tru64 UNIX Running Firefox or Mozilla
Application Suite Remote Execution of Arbitrary Code
Date: 29 May 2006
OS: HP Tru64 UNIX
URL: http://www.auscert.org.au/6339
Title: ESB-2006.0360 -- [Solaris] -- Security Vulnerability in Sun N1 System
Manager 1.1
Date: 29 May 2006
OS: Solaris
URL: http://www.auscert.org.au/6337
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (FreeBSD)
Comment: http://www.auscert.org.au/render.html?it=1967
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBRIO5sCh9+71yA2DNAQLwagP9FN1Iksu8vI7WniBQoYLBs8g2Skx2vyI4
q9HmL4jIYWTsY82Cd5kJP2GU+Cdf+us6B2R5XXi8bSIiW9Qkrv9LrCw+bn/DUlN5
TrFsMNBrinSNysJlcZNk3g8Z9IKQsEdQbQagwlWAwhabp5HrFK0gukH2aHhBUEfQ
q9Y+vludenI=
=5Nd0
-----END PGP SIGNATURE-----
More information about the AusNOG
mailing list