[AusNOG] AusCERT Week in Review - Week Ending 27/10/2006
matthew at auscert.org.au
matthew at auscert.org.au
Tue Oct 31 16:02:05 EST 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Greetings AusNOG,
Our week-in-review for the week gone.
Best,
- -- Matthew McGlashan --
Coordination Centre Team Leader | Hotline: +61 7 3365 4417
Australian Computer Emergency Response Team | Direct: +61 7 3365 7924
(AusCERT) | Fax: +61 7 3365 7031
The University of Queensland | WWW: www.auscert.org.au
Qld 4072 Australia | Email: auscert at auscert.org.au
Alerts, Advisories and Updates:
- -------------------------------
Title: AA-2006.0088 -- [Win][UNIX/Linux] -- Lotus Domino malformed GIF
attachment denial of service
Date: 27 October 2006
URL: http://www.auscert.org.au/6914
Title: AA-2006.0087 -- [UNIX/Linux][Win] -- IBM DB2 - Label Based Access
Control may not apply row protection
Date: 27 October 2006
URL: http://www.auscert.org.au/6913
Title: AU-2006.0038 -- AusCERT Update - [Win][UNIX/Linux] - Analysis of the
Oracle October 2006 Critical Patch Update
Date: 25 October 2006
URL: http://www.auscert.org.au/6886
Title: AL-2006.0097 -- [Win] -- Flickr site spoofed by trojan email
Date: 25 October 2006
URL: http://www.auscert.org.au/6907
Title: AU-2006.0040 -- AusCERT Update - [Win] - CA BrightStor ARCserve Backup
and CA Protection Suites - previous update did not fix remote
vulnerability
Date: 24 October 2006
URL: http://www.auscert.org.au/6903
Title: AA-2006.0086 -- [Win] -- IBM Lotus Notes client - insecure file
permissions vulnerability
Date: 23 October 2006
URL: http://www.auscert.org.au/6900
Title: AL-2006.0096 -- [Win][Linux][HP-UX][Solaris][AIX] -- Novell eDirectory
- three critical vulnerabilities allow remote compromise
Date: 23 October 2006
URL: http://www.auscert.org.au/6898
External Security Bulletins:
- ----------------------------
Title: ESB-2006.0791 -- [Solaris][Linux][HP-UX] -- Java Enterprise System and
Solaris - Security Vulnerability Issue of Forged RSA Signatures
Date: 27 October 2006
OS: Solaris, Debian GNU/Linux, Other Linux Variants, Red Hat Linux, HP-UX
URL: http://www.auscert.org.au/6912
Title: ESB-2006.0790 -- [Linux][Solaris] -- Sun Java System/iPlanet Messaging
Server Webmail - email JavaScript can be executed in user's browser
Date: 27 October 2006
OS: Solaris, Debian GNU/Linux, Other Linux Variants, Red Hat Linux
URL: http://www.auscert.org.au/6911
Title: ESB-2006.0789 -- [Win][Linux][HP-UX][Solaris] -- HP Oracle for OpenView
(OfO) Critical Patch Update October 2006
Date: 26 October 2006
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Windows 2003, Windows 2000,
Other Linux Variants, Red Hat Linux, HP-UX
URL: http://www.auscert.org.au/6910
Title: ESB-2006.0788 -- [Win] -- Winamp - two remote buffer overflow
vulnerabilities
Date: 26 October 2006
OS: Windows 98/98SE, Windows 2000, Windows XP, Windows ME
URL: http://www.auscert.org.au/6909
Title: ESB-2006.0787 -- [Linux] -- Cisco Security Agent for Linux Port Scan
Denial of Service
Date: 26 October 2006
OS: Debian GNU/Linux, Other Linux Variants, Cisco Products, Red Hat Linux
URL: http://www.auscert.org.au/6908
Title: ESB-2006.0786 -- [UNIX/Linux][Win][Debian] -- New webmin packages fix
input validation problems
Date: 24 October 2006
OS: Solaris, IRIX, OpenBSD, Other BSD Variants, FreeBSD, HP-UX, Debian
GNU/Linux, Other Linux Variants, Red Hat Linux, AIX, Windows 2003,
Windows 2000, Windows NT 4, Windows XP, Mac OS X
URL: http://www.auscert.org.au/6906
Title: ESB-2006.0785 -- [Win] -- Symantec Device Driver Elevation of Privilege
Date: 24 October 2006
OS: Windows 2003, Windows 2000, Windows XP
URL: http://www.auscert.org.au/6905
Title: ESB-2006.0784 -- [Win] -- Symantec Mail Security for Domino Server
creates open relay
Date: 24 October 2006
OS: Windows 2003, Windows 2000
URL: http://www.auscert.org.au/6904
Title: ESB-2006.0783 -- [Win][Linux][Solaris][OSX] -- HTTP header injection
vulnerabilities in Adobe Flash Player
Date: 23 October 2006
OS: Solaris, Windows 98/98SE, Debian GNU/Linux, Windows 2003, Windows 2000,
Other Linux Variants, Windows XP, Red Hat Linux, Mac OS X, Windows ME
URL: http://www.auscert.org.au/6902
Title: ESB-2006.0782 -- [Win] -- Security Implications of failing to correctly
use filtering in .NET web applications
Date: 23 October 2006
OS: Windows 2003, Windows 2000
URL: http://www.auscert.org.au/6901
Title: ESB-2006.0781 -- [Debian] -- New python2.4 packages fix arbitrary code
execution
Date: 25 October 2006
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/6899
Title: ESB-2006.0728 -- [Win][Linux][Solaris] -- Security Vulnerability in RSA
Signature Verification Impacting Multiple SUN Products
Date: 25 October 2006
OS: Red Hat Linux, Windows XP, Other Linux Variants, Windows 2000, Windows
2003, Debian GNU/Linux, Solaris
URL: http://www.auscert.org.au/6822
Title: ESB-2006.0441 -- [Linux][Solaris] -- Sun Java System/iPlanet Messaging
Server vulnerability may allow local access to arbitrary files
Date: 25 October 2006
OS: Red Hat Linux, Other Linux Variants, Debian GNU/Linux, Solaris
URL: http://www.auscert.org.au/6449
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (FreeBSD)
Comment: http://www.auscert.org.au/render.html?it=1967
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBRUbYzCh9+71yA2DNAQJ/6AP/YYvMBktehNhPc8cFyR6/mOhbtI9j44W4
fzSuzc73RIMLCB2v0gyQGG39k6duTLRGR8UqyVyB7ZPaIQ3Cgw++6zpjlN1AOsgq
dbKHATOhK+yQ54O+PgJgo1NDSO3O1M48KRh/uWOy762Z3IUscOr9H8P+cpVuTU6q
1vVLz4M6MPs=
=wlj7
-----END PGP SIGNATURE-----
More information about the AusNOG
mailing list