[AusNOG] AusCERT Week in Review - Week Ending 20/04/2007
matthew at auscert.org.au
matthew at auscert.org.au
Fri Apr 20 17:02:47 EST 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Greetings all,
Bulletins and alerts we send out for the week.
Best regards,
- -- Matthew McGlashan --
Coordination Centre Team Leader | Hotline: +61 7 3365 4417
Australian Computer Emergency Response Team | Direct: +61 7 3365 7924
(AusCERT) | Fax: +61 7 3365 7031
The University of Queensland | WWW: www.auscert.org.au
Qld 4072 Australia | Email: auscert at auscert.org.au
Alerts, Advisories and Updates:
- -------------------------------
Title: AL-2007.0047 -- [Win] -- Unpatched Windows DNS Server vulnerability may
allow remote compromise of Server 2003 and 2000 systems
Date: 20 April 2007
URL: http://www.auscert.org.au/7486
Title: AL-2007.0049 -- [OSX] -- Apple Security Update 2007-004
Date: 20 April 2007
URL: http://www.auscert.org.au/7505
Title: AU-2007.0013 -- AusCERT Update - [Win] - Updated information on
unpatched Windows DNS Service vulnerability
Date: 20 April 2007
URL: http://www.auscert.org.au/7487
Title: AU-2007.0014 -- AusCERT Update - [Win][UNIX/Linux] - Analysis of the
Oracle April 2007 Critical Patch Update
Date: 19 April 2007
URL: http://www.auscert.org.au/7502
Title: AL-2007.0048 -- [Win][UNIX/Linux] -- Oracle Critical Patch Update - 36
vulnerabilities in Oracle and Peoplesoft products
Date: 18 April 2007
URL: http://www.auscert.org.au/7500
Title: AA-2007.0026 -- [UNIX/Linux] -- FreeRADIUS EAP-TTLS denial of service
vulnerability
Date: 16 April 2007
URL: http://www.auscert.org.au/7491
Title: AA-2007.0025 -- [Win][UNIX/Linux] -- IBM Tivoli Business Service
Manager 4.1 password disclosure vulnerability
Date: 16 April 2007
URL: http://www.auscert.org.au/7490
Title: AA-2007.0024 -- [HP-UX][Solaris][AIX] -- OpenLDAP 2.3.35 fixes ldapi://
vulnerability on HP-UX, Solaris and AIX systems
Date: 16 April 2007
URL: http://www.auscert.org.au/7489
External Security Bulletins:
- ----------------------------
Title: ESB-2006.0728 -- [Win][Linux][Solaris] -- Security Vulnerability in RSA
Signature Verification Impacting Multiple SUN Products
Date: 16 April 2007
OS: Solaris, Debian GNU/Linux, Other Linux Variants, Red Hat Linux, Windows
2003, Windows 2000, Windows XP
URL: http://www.auscert.org.au/6822
Title: ESB-2003.0684 -- [Solaris] -- GNOME 2.0 XScreenSaver Will Not Lock as
Root
Date: 19 April 2007
OS: Solaris
URL: http://www.auscert.org.au/3487
Title: ESB-2006.0301 -- [Win][Linux][HP-UX][Solaris][AIX] -- Sun Java System
Directory Server: Denial of Service May Occur Due to Large Memory
Allocation for Specific LDAP Requests
Date: 17 April 2007
OS: Solaris, HP-UX, Debian GNU/Linux, Other Linux Variants, Red Hat Linux,
AIX, Windows 2003, Windows 2000
URL: http://www.auscert.org.au/6244
Title: ESB-2007.0258 -- [Appliance] -- HP Storage Management Appliance,
Microsoft Patch Applicability MS07-018 to MS07-022
Date: 20 April 2007
URL: http://www.auscert.org.au/7508
Title: ESB-2007.0257 -- [Solaris] -- Multiple Security Vulnerabilities in
Mozilla Layout Engine for Solaris 8, 9 and 10
Date: 20 April 2007
OS: Solaris
URL: http://www.auscert.org.au/7507
Title: ESB-2007.0256 -- [Win][UNIX/Linux] -- HP Oracle for OpenView (OfO)
Critical Patch Update April 2007
Date: 20 April 2007
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Windows 2003, Windows 2000,
Other Linux Variants, Windows XP, Red Hat Linux, HP-UX
URL: http://www.auscert.org.au/7506
Title: ESB-2007.0255 -- [Appliance] -- HP Storage Management Appliance,
Microsoft Patch Applicability MS07-017
Date: 19 April 2007
URL: http://www.auscert.org.au/7504
Title: ESB-2007.0254 -- [Win][UNIX/Linux] -- IBM Tivoli Monitoring Express
Universal Agent Heap Overflow Vunlerability
Date: 19 April 2007
OS: Solaris, Debian GNU/Linux, Windows 2003, Windows 2000, Other Linux
Variants, Windows XP, Red Hat Linux, HP-UX, AIX
URL: http://www.auscert.org.au/7503
Title: ESB-2007.0253 -- [Win][Netware][Linux] -- Novell Groupwise WebAccess
Base64 Decoding Stack Overflow Vulnerability
Date: 19 April 2007
OS: Debian GNU/Linux, Windows 2003, Windows 2000, Other Linux Variants, Red
Hat Linux, Novell Netware
URL: http://www.auscert.org.au/7501
Title: ESB-2007.0252 -- [Win] -- McAfee VirusScan 8.0 on-access scanner long
unicode file name buffer overflow
Date: 18 April 2007
OS: Windows 98/98SE, Windows 2000, Windows XP, Windows NT 4, Windows Vista,
Windows ME
URL: http://www.auscert.org.au/7499
Title: ESB-2007.0251 -- [Linux][Solaris] -- Security Vulnerability in the Sun
Java Web Console
Date: 18 April 2007
OS: Solaris, Other Linux Variants, Red Hat Linux
URL: http://www.auscert.org.au/7498
Title: ESB-2007.0250 -- [Tru64] -- HP Tru64 UNIX SSL and BIND Remote Arbitrary
Code Execution or Denial of Service
Date: 18 April 2007
OS: HP Tru64 UNIX
URL: http://www.auscert.org.au/7497
Title: ESB-2007.0249 -- [Win] -- Akamai Download Manager ActiveX Stack Buffer
Overflow Vulnerability
Date: 17 April 2007
OS: Windows 2003, Windows 2000, Windows XP
URL: http://www.auscert.org.au/7496
Title: ESB-2007.0248 -- [Win][UNIX/Linux] -- ClamAV CAB File Unstore Buffer
Overflow Vulnerability
Date: 17 April 2007
OS: HP Tru64 UNIX, Solaris, IRIX, OpenBSD, Other BSD Variants, FreeBSD,
HP-UX, Debian GNU/Linux, Other Linux Variants, Red Hat Linux, AIX,
Windows 2003, Windows 2000, Mac OS X
URL: http://www.auscert.org.au/7495
Title: ESB-2007.0247 -- [Win][UNIX/Linux][RedHat] -- Important: php security
update
Date: 17 April 2007
OS: HP Tru64 UNIX, Solaris, IRIX, OpenBSD, Other BSD Variants, FreeBSD,
HP-UX, Debian GNU/Linux, Other Linux Variants, Red Hat Linux, AIX,
Windows 2003, Windows 2000, Mac OS X
URL: http://www.auscert.org.au/7494
Title: ESB-2007.0246 -- [UNIX/Linux][RedHat] -- Moderate: freetype security
update
Date: 17 April 2007
OS: HP Tru64 UNIX, Solaris, IRIX, OpenBSD, Other BSD Variants, FreeBSD,
HP-UX, Debian GNU/Linux, Other Linux Variants, Red Hat Linux, AIX, Mac
OS X
URL: http://www.auscert.org.au/7493
Title: ESB-2007.0245 -- [UNIX/Linux][RedHat] -- Moderate: cups security update
Date: 17 April 2007
OS: HP Tru64 UNIX, Solaris, IRIX, OpenBSD, Other BSD Variants, FreeBSD,
HP-UX, Debian GNU/Linux, Other Linux Variants, Red Hat Linux, AIX, Mac
OS X
URL: http://www.auscert.org.au/7492
Title: ESB-2007.0244 -- [Solaris] -- Security Vulnerability in the IP
Implementation for Solaris 8 and 9 May Allow a Denial of Service
Date: 16 April 2007
OS: Solaris
URL: http://www.auscert.org.au/7488
Title: ESB-2007.0224 -- [Solaris] -- Security Vulnerability in the SEAM
Kerberized telnetd(1M) Daemon
Date: 16 April 2007
OS: Solaris
URL: http://www.auscert.org.au/7457
Title: ESB-2007.0220 -- [RedHat] -- Important: xorg-x11 security update
Date: 17 April 2007
OS: Red Hat Linux
URL: http://www.auscert.org.au/7453
Title: ESB-2007.0206 -- [Solaris] -- Security Vulnerability in Mozilla 1.7
JavaScript Engine for Solaris
Date: 19 April 2007
OS: Solaris
URL: http://www.auscert.org.au/7435
Title: ESB-2007.0198 -- [Win][Linux][Solaris] -- Multiple vulnerabilities in
StarOffice may allow the execution of arbitrary code
Date: 19 April 2007
OS: Windows ME, Windows Vista, Windows NT 4, Red Hat Linux, Windows XP,
Other Linux Variants, Windows 2000, Windows 2003, Debian GNU/Linux,
Windows 98/98SE, Solaris
URL: http://www.auscert.org.au/7422
Title: ESB-2007.0186 -- [Solaris] -- Security Vulnerability in the Mozilla
js_dtoa() Routine May Result in Denial of Service
Date: 19 April 2007
OS: Solaris
URL: http://www.auscert.org.au/7408
Title: ESB-2007.0108 -- [HP-UX] -- HP-UX Running ARPA Transport, Local Denial
of Service (DoS)
Date: 17 April 2007
OS: HP-UX
URL: http://www.auscert.org.au/7300
Title: ESB-2007.0100 -- [Solaris] -- Security Vulnerabilities in Mozilla 1.7
for Solaris 8, 9 and 10
Date: 17 April 2007
OS: Solaris
URL: http://www.auscert.org.au/7291
Title: ESB-2007.0043 -- [Solaris] -- RSA Signature Forgery Issues in Mozilla
1.7 for Solaris 8, 9 and 10
Date: 17 April 2007
OS: Solaris
URL: http://www.auscert.org.au/7212
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (FreeBSD)
Comment: http://www.auscert.org.au/render.html?it=1967
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBRihllyh9+71yA2DNAQIN2QP/XVlSqFIfJbvRo3ORjHdw8mZjms9zLnAd
RJFkurw9cOC8pwnXuDNY8K1ZTUdQarKPjnHBZN+xCN6W+t2s8EzVuDJUshQTWFhk
SuocRAvmK+mvumOJiORQEgXHj1Xj8oBBwUWVQvVXUkfZ090Zo6zPsms4nFLNwa61
1LOpy+qBKPk=
=fi51
-----END PGP SIGNATURE-----
More information about the AusNOG
mailing list