[AusNOG] AusCERT Week in Review - Week Ending 01/09/2006
matthew at auscert.org.au
Mon Sep 4 08:10:26 EST 2006
Greetings AusNOG,
AusCERT's week-in-review for last week.
Regards,
- Matthew
Alerts, Advisories and Updates:
-------------------------------
Title: AL-2006.0073 -- [Win] -- "Sexy Lady" Trojan E-mail
Date: 31 August 2006
URL: http://www.auscert.org.au/6695
Title: AL-2006.0072 -- [Win][UNIX/Linux] -- Joomla! 1.0.11 released correcting
multiple security vulnerabilities
Date: 31 August 2006
URL: http://www.auscert.org.au/6694
Title: AA-2006.0071 -- [Appliance] -- FXPS Print Engine Vulnerabilities
Date: 30 August 2006
URL: http://www.auscert.org.au/6691
Title: AA-2006.0054 -- [Win][UNIX/Linux] -- Buffer overflow in PHP sscanf
function may allow execution of arbitrary code
Date: 30 August 2006
URL: http://www.auscert.org.au/6590
Title: AA-2006.0070 -- [UNIX/Linux] -- Multiple vulnerabilities in Asterisk
Date: 29 August 2006
URL: http://www.auscert.org.au/6686
Title: AA-2006.0069 -- [Win] -- Vulnerability in Alt-N MDaemon POP3 e-mail
server
Date: 29 August 2006
URL: http://www.auscert.org.au/6685
External Security Bulletins:
----------------------------
Title: ESB-2006.0627 -- [UNIX/Linux][Debian] -- New sendmail packages fix
denial of service
Date: 31 August 2006
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X, HP-UX,
AIX
URL: http://www.auscert.org.au/6696
Title: ESB-2006.0626 -- [UNIX/Linux][Debian] -- New gtetrinet packages fix
arbitrary code execution
Date: 31 August 2006
OS: Debian GNU/Linux, Other Linux Variants, Red Hat Linux
URL: http://www.auscert.org.au/6693
Title: ESB-2006.0625 -- [UNIX/Linux][Debian] -- New libmusicbrainz packages
fix arbitrary code execution
Date: 30 August 2006
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X, HP-UX,
AIX
URL: http://www.auscert.org.au/6692
Title: ESB-2006.0624 -- [Win][UNIX/Linux] -- Symantec Enterprise Security
Manager(TM) Race Condition Fix
Date: 30 August 2006
OS: Solaris, Windows 2003, Windows 2000, Other Linux Variants, Windows XP,
Red Hat Linux, Windows NT 4, HP-UX, AIX
URL: http://www.auscert.org.au/6690
Title: ESB-2006.0623 -- [Win][UNIX/Linux] -- SAP-DB/MaxDB WebDBM remote buffer
overflow
Date: 30 August 2006
OS: Solaris, Debian GNU/Linux, Windows 2003, Windows 2000, Other Linux
Variants, Windows XP, Red Hat Linux, HP-UX, AIX
URL: http://www.auscert.org.au/6689
Title: ESB-2006.0622 -- [Debian] -- New Mozilla Firefox packages fix several
vulnerabilities
Date: 30 August 2006
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/6688
Title: ESB-2006.0621 -- [Debian] -- New Mozilla packages fix several
vulnerabilities
Date: 29 August 2006
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/6687
Title: ESB-2006.0620 -- [RedHat] -- Moderate: kdegraphics security update
Date: 29 August 2006
OS: Red Hat Linux
URL: http://www.auscert.org.au/6684
Title: ESB-2006.0619 -- [Cisco] -- Cisco Security Response: NAC Agent
Installation Bypass
Date: 29 August 2006
OS: Cisco Products
URL: http://www.auscert.org.au/6683
Title: ESB-2006.0618 -- [Debian] -- New Mozilla Thunderbird packages fix
several problems
Date: 29 August 2006
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/6682
Title: ESB-2006.0617 -- [Solaris] -- Multiple Security Vulnerabilities in
Mozilla 1.4 and 1.7 for Solaris and for Sun JDS for Linux
Date: 28 August 2006
OS: Solaris
URL: http://www.auscert.org.au/6681
Title: ESB-2006.0616 -- [Win][UNIX/Linux][Debian] -- New streamripper packages
fix arbitrary code execution
Date: 28 August 2006
OS: Solaris, Windows 98/98SE, Debian GNU/Linux, Other BSD Variants,
OpenBSD, Windows 2000, FreeBSD, Other Linux Variants, Red Hat Linux,
Mac OS X
URL: http://www.auscert.org.au/6680
Title: ESB-2006.0615 -- [Debian] -- New ruby1.8 packages fix several
vulnerabilities
Date: 28 August 2006
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/6679
Title: ESB-2006.0614 -- [Debian] -- New kdebase packages fix information
disclosure
Date: 28 August 2006
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/6678
Title: ESB-2006.0613 -- [OpenBSD] -- a problem in isakmpd(8) caused IPsec to
run partly without replay protection
Date: 28 August 2006
OS: OpenBSD
URL: http://www.auscert.org.au/6677
Title: ESB-2006.0612 -- [OpenBSD] -- kernel panic when more than the default
number of semaphores have been allocated
Date: 28 August 2006
OS: OpenBSD
URL: http://www.auscert.org.au/6676
Title: ESB-2006.0611 -- [OpenBSD] -- off-by-one error in dhcpd(8)
Date: 28 August 2006
OS: OpenBSD
URL: http://www.auscert.org.au/6675
Title: ESB-2006.0610 -- [OpenBSD] -- potential denial of service problem in
sendmail
Date: 28 August 2006
OS: OpenBSD
URL: http://www.auscert.org.au/6674
Title: ESB-2006.0609 -- [Solaris] -- pkgadd(1M) May Set Incorrect Permissions
if The pkgmap(4) File Contains a "?" in The "Mode" Field
Date: 28 August 2006
OS: Solaris, HP-UX
URL: http://www.auscert.org.au/6673
Title: ESB-2006.0608 -- [Solaris] -- Security Vulnerability in the Sun Java
System Content Delivery Server May Allow Unauthorized Data Access
Date: 28 August 2006
OS: Solaris, HP-UX
URL: http://www.auscert.org.au/6672
Title: ESB-2006.0604 -- [FreeBSD] -- Buffer overflow in sppp(4)
Date: 30 August 2006
OS: FreeBSD
URL: http://www.auscert.org.au/6665
Title: ESB-2006.0565 -- [Linux][AIX] -- MIT Kerberos 5 - multiple local
privilege escalation vulnerabilities
Date: 28 August 2006
OS: AIX, Red Hat Linux, Other Linux Variants, Debian GNU/Linux
URL: http://www.auscert.org.au/6603
Title: ESB-2006.0544 -- [RedHat] -- Critical: seamonkey security update
Date: 29 August 2006
OS: Red Hat Linux
URL: http://www.auscert.org.au/6573
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================