[AusNOG] AusCERT Week in Review - Week Ending 05/05/2006
matthew at auscert.org.au
matthew at auscert.org.au
Fri May 5 17:16:06 EST 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi all,
The following is a summary of what we have pushed to our subscribers for
the past week.
I hope this is of some use. Feedback appreciated.
Best regards,
- -- Matthew McGlashan --
Coordination Centre Team Leader | Hotline: +61 7 3365 4417
Australian Computer Emergency Response Team | Direct: +61 7 3365 7924
(AusCERT) | Fax: +61 7 3365 7031
The University of Queensland | WWW: www.auscert.org.au
Qld 4072 Australia | Email: auscert at auscert.org.au
AusCERT Week in Review
05 May 2006
Alerts, Advisories and Updates:
- -------------------------------
Title: AU-2006.0013 -- AusCERT Update - [Win][UNIX/Linux] - MySQL 4.1.19 now
available fixing recent vulnerabilities
Date: 05 May 2006
URL: http://www.auscert.org.au/6267
Title: AL-2006.0033 -- [Win][UNIX/Linux] -- MySQL vulnerabilities allow
information disclosure and remote code execution
Date: 05 May 2006
URL: http://www.auscert.org.au/6261
Title: AL-2006.0034 -- [Win][UNIX/Linux] -- Exploit code publicly disclosed
for unpatched Oracle vulnerability
Date: 04 May 2006
URL: http://www.auscert.org.au/6266
Title: AL-2006.0032 -- [Win][UNIX/Linux] -- Firefox vulnerability may allow
remote code execution
Date: 04 May 2006
URL: http://www.auscert.org.au/6260
Title: AL-2006.0031 -- [Win][UNIX/Linux] -- Vulnerabilities in multiple phpBB
mods allow remote code execution
Date: 03 May 2006
URL: http://www.auscert.org.au/6258
Title: AA-2006.0025 -- [Win] -- Internet Explorer "mhtml" vulnerability could
allow theft of sensitive information
Date: 02 May 2006
URL: http://www.auscert.org.au/6256
External Security Bulletins:
- ----------------------------
Title: ESB-2006.0319 -- [Win][UNIX/Linux] -- Multiple patches for IBM Tivoli
Directory Server, Tivoli Identity Manager and Websphere Application
Server
Date: 05 May 2006
OS: Solaris, HP Tru64 UNIX, Windows 98/98SE, Debian GNU/Linux, Other BSD
Variants, IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other
Linux Variants, Windows XP, Red Hat Linux, Windows NT 4, HP-UX, AIX,
Windows ME
URL: http://www.auscert.org.au/6270
Title: ESB-2006.0318 -- [Debian] -- New Mozilla Thunderbird packages fix
several vulnerabilities
Date: 05 May 2006
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/6269
Title: ESB-2006.0317 -- [RedHat] -- Important: xorg-x11 security update
Date: 05 May 2006
OS: Red Hat Linux
URL: http://www.auscert.org.au/6268
Title: ESB-2006.0316 -- [RedHat] -- Moderate: squirrelmail security update
Date: 04 May 2006
OS: Red Hat Linux
URL: http://www.auscert.org.au/6265
Title: ESB-2006.0315 -- [RedHat] -- Moderate: ethereal security update
Date: 04 May 2006
OS: Red Hat Linux
URL: http://www.auscert.org.au/6264
Title: ESB-2006.0314 -- [Win][UNIX/Linux][RedHat] -- Dia security update
Date: 04 May 2006
OS: Solaris, HP Tru64 UNIX, Windows 98/98SE, Debian GNU/Linux, Other BSD
Variants, IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other
Linux Variants, Windows XP, Red Hat Linux, Windows NT 4, Mac OS X,
HP-UX, AIX, Windows ME
URL: http://www.auscert.org.au/6263
Title: ESB-2006.0313 -- [UNIX/Linux][Debian] -- New ClamAV packages fix denial
of service or arbitrary code execution
Date: 04 May 2006
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, HP-UX, AIX
URL: http://www.auscert.org.au/6262
Title: ESB-2006.0312 -- [UNIX/Linux] -- Buffer overflow in the Xrender
extension of the X.Org server
Date: 03 May 2006
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, HP-UX, AIX
URL: http://www.auscert.org.au/6259
Title: ESB-2006.0311 -- [Win][UNIX/Linux][Debian] -- New Ethereal packages fix
several vulnerabilities
Date: 03 May 2006
OS: Solaris, HP Tru64 UNIX, Windows 98/98SE, Debian GNU/Linux, Other BSD
Variants, IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other
Linux Variants, Windows XP, Red Hat Linux, Windows NT 4, Mac OS X,
HP-UX, AIX, Windows ME
URL: http://www.auscert.org.au/6257
Title: ESB-2006.0310 -- [Cisco] -- Cisco Unity Express Expired Password Reset
Privilege Escalation
Date: 02 May 2006
OS: Cisco Products
URL: http://www.auscert.org.au/6255
Title: ESB-2006.0309 -- [Win][UNIX/Linux][Cisco][Solaris] -- Vulnerability
Issues in Implementations of the DNS Protocol
Date: 02 May 2006
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux Variants,
Windows XP, Cisco Products, Red Hat Linux, Windows NT 4, HP-UX, AIX
URL: http://www.auscert.org.au/6254
Title: ESB-2006.0308 -- [UNIX/Linux][Debian] -- New Asterisk packages fix
arbitrary code execution
Date: 02 May 2006
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, HP-UX, AIX
URL: http://www.auscert.org.au/6253
Title: ESB-2006.0307 -- [Linux][Debian] -- New resmgr packages fix
unauthorised access
Date: 02 May 2006
OS: Debian GNU/Linux, Other Linux Variants, Red Hat Linux
URL: http://www.auscert.org.au/6252
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (FreeBSD)
Comment: http://www.auscert.org.au/render.html?it=1967
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBRFr7tSh9+71yA2DNAQJrTwQAlwqGICyQSM9WnM6za/5+PqwrfZ2ce8BK
uVkhpTQlIsxA7pdZZqdHNDd7xfEjNd/Vt3K26sOELFs0AkJtPKOOCWMkVD6gNANW
WF9DypypKCwxrEvUZHHjXqcV7nA9aq1YNVYRPkSLWN8d8YTv43ZCLxF9sYjXMoL8
G1CmLr7FHxg=
=se/h
-----END PGP SIGNATURE-----
More information about the AusNOG
mailing list