[AusNOG] AusCERT Week in Review - Week Ending 16/06/2006

matthew at auscert.org.au matthew at auscert.org.au
Fri Jun 16 17:47:08 EST 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Greetings all,

The following is a summary of what we have pushed to our subscribers for
the past week.  The only thing I'd like to point out is that we have done
an Alert about my post yesterday titled "Recent "National Bank" hook trojan
run (AUSCERT#20068883a)":

  AL-2006.0049 -- [Win] -- Malicious "National Bank bankrupt" email links
  to sites targeting multiple web browsers

And now an Update to this:

  AU-2006.0019 -- AusCERT Update - [Win] - Trojan authors target Australian
  web forums

Details below.

Have a good weekend,

- -- Matthew McGlashan --
Coordination Centre Team Leader             | Hotline: +61 7 3365 4417
Australian Computer Emergency Response Team | Direct:  +61 7 3365 7924
(AusCERT)                                   | Fax:     +61 7 3365 7031
The University of Queensland                | WWW:     www.auscert.org.au
Qld 4072 Australia                          | Email: auscert at auscert.org.au

AusCERT Week in Review
16 June 2006

Reminder: Please complete the AusCERT member survey

AusCERT would like to encourage members to complete the AusCERT member survey.
It's your chance to give feedback on member services and go into the draw to 
win one of 2 book prizes or an AusCERT travel mug. You will need to login 
before clicking on the survey link. See the AusCERT web site for more 
information:

   https://www.auscert.org.au/membersurvey

The AusCERT member survey closes on 7 July 2006 at midnight EST.
	

Alerts, Advisories and Updates:
 -------------------------------
Title: AU-2006.0019 -- AusCERT Update - [Win] - Trojan authors target
       Australian web forums 
Date:  16 June 2006
URL:   http://www.auscert.org.au/6411

Title: AU-2006.0018 -- AusCERT Update - [Win] - MS06-011 - Microsoft Security
       Bulletin Re-Release 
Date:  15 June 2006
URL:   http://www.auscert.org.au/6406

Title: AL-2006.0049 -- [Win] -- Malicious "National Bank bankrupt" email links
       to sites targeting multiple web browsers 
Date:  15 June 2006
URL:   http://www.auscert.org.au/6398

Title: AL-2006.0048 -- [UNIX/Linux][Win] -- Sendmail fails to handle malformed
       multipart MIME messages 
Date:  15 June 2006
URL:   http://www.auscert.org.au/6396

Title: AA-2006.0035 -- [Win] -- WinSCP URL handler vulnerability 
Date:  14 June 2006
URL:   http://www.auscert.org.au/6395

Title: AL-2006.0047 -- [Win] -- MS06-024 - Vulnerability in Windows Media
       Player Could Allow Remote Code Execution 
Date:  14 June 2006
URL:   http://www.auscert.org.au/6390

Title: AL-2006.0046 -- [Win][OSX] -- MS06-027, MS06-028 - Vulnerabilities in
       Microsoft Word and Powerpoint Could Allow Remote Code Execution 
Date:  14 June 2006
URL:   http://www.auscert.org.au/6389

Title: AL-2006.0045 -- [Win] -- MS06-021,022,023 - Multiple vulnerabilities in
       Internet Explorer may allow remote compromise 
Date:  14 June 2006
URL:   http://www.auscert.org.au/6388

Title: AL-2006.0044 -- [Win] -- MS06-025, MS06-032 - Vulnerabilities in
       Routing and Remote Access and TCP/IP Could Allow Remote Code Execution 
Date:  14 June 2006
URL:   http://www.auscert.org.au/6386


External Security Bulletins:
- ----------------------------
Title: ESB-2005.0826 -- [Solaris] -- Multiple Security Vulnerabilities in
       Mozilla 
Date:  16 June 2006
OS:    Solaris 
URL:   http://www.auscert.org.au/5619

Title: ESB-2006.0421 -- [HP-UX] -- HP-UX running Support Tools Manager (xstm,
       cstm, stm) Local Denial of Service (DoS) 
Date:  16 June 2006
OS:    HP-UX 
URL:   http://www.auscert.org.au/6410

Title: ESB-2006.0420 -- [Solaris] -- Cisco Secure ACS for UNIX Cross Site
       Scripting Vulnerability 
Date:  16 June 2006
OS:    Solaris 
URL:   http://www.auscert.org.au/6409

Title: ESB-2006.0419 -- [Solaris] -- A Security Vulnerability in sendmail(1M)
       May Allow a Denial of Service (DoS) To Occur 
Date:  16 June 2006
OS:    Solaris 
URL:   http://www.auscert.org.au/6408

Title: ESB-2006.0418 -- [UNIX/Linux][Debian] -- New wv2 packages fix integer
       overflow 
Date:  15 June 2006
OS:    Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
       OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X, HP-UX,
       AIX 
URL:   http://www.auscert.org.au/6407

Title: ESB-2006.0417 -- [Win][UNIX/Linux][Debian] -- New horde3 and horde2
       packages fix cross-site scripting 
Date:  15 June 2006
OS:    Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
       Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux Variants, Red
       Hat Linux, Mac OS X, HP-UX, AIX 
URL:   http://www.auscert.org.au/6405

Title: ESB-2006.0416 -- [Linux][Debian] -- New Kernel 2.4.27 packages fix
       several vulnerabilities 
Date:  15 June 2006
OS:    Debian GNU/Linux, Other Linux Variants, Red Hat Linux 
URL:   http://www.auscert.org.au/6404

Title: ESB-2006.0415 -- [UNIX/Linux][RedHat] -- Important: kdebase security
       update 
Date:  15 June 2006
OS:    Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
       OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X, HP-UX,
       AIX 
URL:   http://www.auscert.org.au/6403

Title: ESB-2006.0414 -- [NetBSD] -- Sendmail malformed multipart MIME messages
Date:  15 June 2006
OS:    Other BSD Variants 
URL:   http://www.auscert.org.au/6402

Title: ESB-2006.0413 -- [FreeBSD] -- Incorrect multipart message handling in
       Sendmail 
Date:  15 June 2006
OS:    FreeBSD 
URL:   http://www.auscert.org.au/6401

Title: ESB-2006.0412 -- [AIX] -- Denial of service vulnerability in sendmail 
Date:  15 June 2006
OS:    AIX 
URL:   http://www.auscert.org.au/6400

Title: ESB-2006.0411 -- [AIX] -- Vulnerability found in update_flash command 
Date:  15 June 2006
OS:    AIX 
URL:   http://www.auscert.org.au/6399

Title: ESB-2006.0410 -- [RedHat] -- Important: sendmail security update 
Date:  15 June 2006
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/6397

Title: ESB-2006.0409 -- [Cisco] -- WebVPN Cross-Site Scripting Vulnerability 
Date:  14 June 2006
OS:    Cisco Products 
URL:   http://www.auscert.org.au/6394

Title: ESB-2006.0408 -- [Win] -- MS06-031 - Vulnerability in RPC Mutual
       Authentication Could Allow Spoofing 
Date:  14 June 2006
OS:    Windows 2000 
URL:   http://www.auscert.org.au/6393

Title: ESB-2006.0407 -- [Win] -- MS06-030 - Vulnerability in Server Message
       Block Could Allow Elevation of Privilege 
Date:  14 June 2006
OS:    Windows 2003, Windows 2000, Windows XP 
URL:   http://www.auscert.org.au/6392

Title: ESB-2006.0406 -- [Win9x] -- MS06-026 - Vulnerability in Graphics
       Rendering Engine Could Allow Remote Code Execution 
Date:  14 June 2006
OS:    Windows 98/98SE, Windows ME 
URL:   http://www.auscert.org.au/6391

Title: ESB-2006.0405 -- [Win] -- MS06-029 - Vulnerability in Microsoft
       Exchange Server Running Outlook Web Access Could Allow Script Injection
Date:  14 June 2006
OS:    Windows 2003, Windows 2000 
URL:   http://www.auscert.org.au/6387

Title: ESB-2006.0404 -- [Win][UNIX/Linux][Debian] -- New webcalendar packages
       fix arbitrary code execution 
Date:  13 June 2006
OS:    Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
       Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux Variants, Red
       Hat Linux, Mac OS X, HP-UX, AIX 
URL:   http://www.auscert.org.au/6385

Title: ESB-2006.0403 -- [UNIX/Linux][Debian] -- New freetype packages fix
       several vulnerabilities 
Date:  13 June 2006
OS:    Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
       OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X, HP-UX,
       AIX 
URL:   http://www.auscert.org.au/6384

Title: ESB-2006.0402 -- [RedHat] -- Important: mysql security update 
Date:  13 June 2006
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/6383

Title: ESB-2006.0401 -- [RedHat] -- Moderate: mailman security update 
Date:  13 June 2006
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/6382

Title: ESB-2006.0158 -- [Solaris] -- Security Vulnerabilities in the Apache
       1.3 Web Server 
Date:  16 June 2006
OS:    Solaris 
URL:   http://www.auscert.org.au/6080


===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert at auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (FreeBSD)
Comment: http://www.auscert.org.au/render.html?it=1967
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBRJJh/Ch9+71yA2DNAQIYeQP+OmW1tZ6m9pMGaZfDJkTyTHu60E+sNvV1
Ie53QHb3IxWfkW5YQfgxi5iLo8qc1jD6jwV1GINnXnE+HSucISj5iPmEqRXdYfAN
rAnx5AFV17zkORWiPNLSmIv2elkAPfoLocxq9u5izRdVIGeY+paHuMbUAfiFjNOD
qs2yNz1OUz4=
=/6lM
-----END PGP SIGNATURE-----




More information about the AusNOG mailing list