[AusNOG] AusCERT Week in Review - Week Ending 09/06/2006
matthew at auscert.org.au
matthew at auscert.org.au
Fri Jun 9 17:19:56 EST 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
G'day all,
The following is a summary of what we have pushed to our subscribers for
the past week.
Have a good weekend,
- -- Matthew McGlashan --
Coordination Centre Team Leader | Hotline: +61 7 3365 4417
Australian Computer Emergency Response Team | Direct: +61 7 3365 7924
(AusCERT) | Fax: +61 7 3365 7031
The University of Queensland | WWW: www.auscert.org.au
Qld 4072 Australia | Email: auscert at auscert.org.au
AusCERT Week in Review
09 June 2006
Papers, Articles and other documents:
- -------------------------------------
Alerts, Advisories and Updates:
- -------------------------------
Title: AA-2006.0034 -- [Win] -- MailMarshal 6.1 ACE content filter bypass
Date: 07 June 2006
URL: http://www.auscert.org.au/6374
Title: AA-2006.0033 -- [Win] -- JIWA Financials reporting allows execution of
arbitrary SQL commands
Date: 06 June 2006
URL: http://www.auscert.org.au/6359
External Security Bulletins:
- ----------------------------
Title: ESB-2006.0400 -- [Win][Linux][HP-UX][IRIX][Solaris][AIX][Mac] --
Incomplete Authentication and Authorization in Sun Grid Engine 5.3 and
N1 Grid Engine 6.0 Certificate Security Protocol (CSP) Mode
Date: 09 June 2006
OS: Solaris, Debian GNU/Linux, IRIX, Windows 2003, Windows 2000, Other
Linux Variants, Windows XP, Red Hat Linux, Windows NT 4, HP-UX, AIX
URL: http://www.auscert.org.au/6381
Title: ESB-2006.0399 -- [Win][UNIX/Linux][Debian] -- New TIFF packages fix
arbitrary code execution
Date: 09 June 2006
OS: Solaris, HP Tru64 UNIX, Windows 98/98SE, Debian GNU/Linux, Other BSD
Variants, IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other
Linux Variants, Windows XP, Red Hat Linux, Windows NT 4, Mac OS X,
HP-UX, AIX, Windows ME
URL: http://www.auscert.org.au/6380
Title: ESB-2006.0398 -- [Win][UNIX/Linux][Debian] -- New MySQL 4.1 packages
fix SQL injection
Date: 09 June 2006
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux Variants,
Windows XP, Red Hat Linux, Windows NT 4, HP-UX, AIX
URL: http://www.auscert.org.au/6379
Title: ESB-2006.0397 -- [UNIX/Linux][Debian] -- New xine-ui packages fix
denial of service
Date: 09 June 2006
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, HP-UX, AIX
URL: http://www.auscert.org.au/6378
Title: ESB-2006.0396 -- [UNIX/Linux][Debian] -- New gforge packages fix
cross-site scripting
Date: 09 June 2006
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, HP-UX, AIX
URL: http://www.auscert.org.au/6377
Title: ESB-2006.0395 -- [NetBSD] -- FPU Information leak on i386/amd64/Xen
platforms with AMD CPUs
Date: 09 June 2006
OS: Other BSD Variants
URL: http://www.auscert.org.au/6376
Title: ESB-2006.0394 -- [NetBSD] -- IPv6 socket options can crash the system
Date: 09 June 2006
URL: http://www.auscert.org.au/6375
Title: ESB-2006.0393 -- [RedHat] -- Moderate: spamassassin security update
Date: 07 June 2006
OS: Red Hat Linux
URL: http://www.auscert.org.au/6373
Title: ESB-2006.0392 -- [Win][UNIX/Linux][Debian][OSX] -- New spamassassin
packages fix remote command execution
Date: 07 June 2006
OS: HP Tru64 UNIX, Solaris, IRIX, OpenBSD, Other BSD Variants, FreeBSD,
HP-UX, Debian GNU/Linux, Other Linux Variants, Red Hat Linux, AIX,
Windows 2003, Windows 2000, Windows NT 4, Windows XP, Mac OS X
URL: http://www.auscert.org.au/6372
Title: ESB-2006.0391 -- [UNIX/Linux][Debian] -- New xmcd packages fix denial
of service
Date: 06 June 2006
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, HP-UX, AIX
URL: http://www.auscert.org.au/6371
Title: ESB-2006.0390 -- [Win][UNIX/Linux][HP-UX] -- HP-UX Mozilla Remote
Execution of Arbitrary Code, Denial of Service (DoS)
Date: 06 June 2006
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux Variants,
Windows XP, Red Hat Linux, Windows NT 4, HP-UX, AIX
URL: http://www.auscert.org.au/6370
Title: ESB-2006.0389 -- [Solaris] -- Simultaneous Multi-Threading Processors
May Leak Information
Date: 05 June 2006
OS: Solaris
URL: http://www.auscert.org.au/6369
Title: ESB-2006.0388 -- [Solaris] -- Security Vulnerability With Sun StorADE
Version 2.4 Installation
Date: 05 June 2006
OS: Solaris
URL: http://www.auscert.org.au/6368
Title: ESB-2006.0387 -- [Win][UNIX/Linux][Debian] -- New PostgreSQL packages
fix encoding vulnerabilities
Date: 05 June 2006
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux Variants,
Windows XP, Red Hat Linux, Windows NT 4, Mac OS X, HP-UX, AIX
URL: http://www.auscert.org.au/6367
Title: ESB-2006.0386 -- [UNIX/Linux][Debian] -- New centericq packages fix
arbitrary code execution
Date: 05 June 2006
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X, HP-UX,
AIX
URL: http://www.auscert.org.au/6366
Title: ESB-2006.0385 -- [UNIX/Linux][Debian] -- New freeradius packages fix
arbitrary code execution
Date: 05 June 2006
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X, HP-UX,
AIX
URL: http://www.auscert.org.au/6365
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (FreeBSD)
Comment: http://www.auscert.org.au/render.html?it=1967
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBRIkhHCh9+71yA2DNAQJsFwP+Pip0gd3GvMuODm/a9117VkDdEPDnryU/
1t+fvfl+Lvgz6K5y8utnYFSCRkKcDZNKmGdEYkxgpDTS5kdKQRxKISxk6m3tApJm
h5geXcGAu29096iRBM+718K8jINi24hRZ0vCFcKEeELepyMeueDTur6BRGKse6GN
AnZCAVAQ5Is=
=OtQb
-----END PGP SIGNATURE-----
More information about the AusNOG
mailing list