[AusNOG] AusCERT Week in Review - Week Ending 28/12/2007 (AUSCERT#20073F686)
Richard Billington
richard at auscert.org.au
Fri Dec 28 17:10:06 EST 2007
AusCERT Week in Review
28 December 2007
Papers, Articles and other documents:
-------------------------------------
Title: AusCERT DDoS Paper
Date: 23 December 2007
URL: http://www.auscert.org.au/8549
Web Log Entries:
----------------
Title: Increase in RAdmin port scanning
Date: 26 December 2007
URL: http://www.auscert.org.au/8556
Title: Its raining Storm
Date: 26 December 2007
URL: http://www.auscert.org.au/8557
Alerts, Advisories and Updates:
-------------------------------
Title: AL-2007.0132 -- [Win] -- Trend Micro ServerProtect StRpcSrv.dll
Insecure Method Exposure Vulnerability
Date: 28 December 2007
URL: http://www.auscert.org.au/8526
Title: AA-2007.0127 -- [Win][UNIX/Linux] -- Two vulnerabilities in VLC 0.8.6d
allow arbitrary code execution
Date: 28 December 2007
URL: http://www.auscert.org.au/8558
Title: AA-2007.0128 -- [Win][UNIX/Linux] -- Mambo 4.6.3 has been released
fixing several security problems
Date: 28 December 2007
URL: http://www.auscert.org.au/8559
Title: AA-2007.0129 -- [Win][UNIX/Linux] -- TikiWiki 1.9.9 has been released
fixing four security flaws
Date: 28 December 2007
URL: http://www.auscert.org.au/8561
Title: AA-2007.0125 -- [Win][UNIX/Linux] -- Dokeos 1.8.4 Cross Site Scripting
(XSS) vulnerability
Date: 27 December 2007
URL: http://www.auscert.org.au/8554
Title: AU-2007.0028 -- AusCERT Update - [OSX] - Apple Security Update 2007-09
v1.1
Date: 24 December 2007
URL: http://www.auscert.org.au/8547
External Security Bulletins:
----------------------------
Title: ESB-2007.1052 -- [Win] -- IBM Lotus Domino Web Access ActiveX control
stack buffer overflow
Date: 28 December 2007
OS: Windows 2003, Windows 2000, Windows XP, Windows Vista
URL: http://www.auscert.org.au/8560
Title: ESB-2007.1051 -- [UNIX/Linux][Debian] -- New cupsys packages fix
several vulnerabilities
Date: 27 December 2007
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X,
HP-UX, AIX
URL: http://www.auscert.org.au/8553
Title: ESB-2007.1050 -- [Win] -- HP Software Update Running on Windows, Remote
Execution of Arbitrary Code
Date: 24 December 2007
OS: Windows 2003, Windows 2000, Windows XP, Windows Vista
URL: http://www.auscert.org.au/8552
Title: ESB-2007.1049 -- [Win] -- CA Products That Embed Ingres Authentication
Vulnerability
Date: 24 December 2007
OS: Windows 98/98SE, Windows 2003, Windows 2000, Windows XP, Windows NT 4,
Windows Vista, Windows ME
URL: http://www.auscert.org.au/8551
Title: ESB-2007.1048 -- [Win][UNIX/Linux][Solaris] -- Cross-site Scripting
Vulnerability in Sun Java System Web Server and Web Proxy Server
Date: 24 December 2007
OS: Solaris, Ubuntu, Debian GNU/Linux, Windows 2003, Windows 2000, Other
Linux Variants, Windows XP, Red Hat Linux, HP-UX, AIX, Windows Vista
URL: http://www.auscert.org.au/8550
Title: ESB-2007.1047 -- [Solaris] -- Security Vulnerabilities in the Apache
1.3 and 2.0 Web Server Daemon and "mod_status" Module May Lead to Cross
Site Scripting (XSS) or Denial of Service (DoS).
Date: 24 December 2007
OS: Solaris
URL: http://www.auscert.org.au/8548
Title: ESB-2007.1046 -- [Win][UNIX/Linux] -- Adobe Flash Player Updates for
Multiple Vulnerabilities
Date: 24 December 2007
OS: Solaris, HP Tru64 UNIX, Windows 98/98SE, Ubuntu, Debian GNU/Linux,
Other BSD Variants, IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD,
Other Linux Variants, Windows XP, Red Hat Linux, Windows NT 4, Mac OS
X, HP-UX, AIX, Windows Vista, Windows ME
URL: http://www.auscert.org.au/8546
Title: ESB-2007.1043 -- [TRU64] -- HP Tru64 UNIX running FFM, Local Denial of
Service (Dos)
Date: 27 December 2007
OS: HP Tru64 UNIX
URL: http://www.auscert.org.au/8542
Title: ESB-2007.1018 -- [Win] -- HP Quick Launch Button (QLB) Running on
Windows, Remote Execution of Arbitrary Code, Gain Privileged Access
Date: 28 December 2007
OS: Windows Vista, Windows XP, Windows 2000, Windows 2003
URL: http://www.auscert.org.au/8514
Title: ESB-2007.0901 -- [Win][UNIX/Linux][Debian] -- New zope-cmfplone
packages fix arbitrary code execution
Date: 28 December 2007
OS: AIX, HP-UX, Mac OS X, Red Hat Linux, Other Linux Variants, FreeBSD,
Windows 2000, OpenBSD, Windows 2003, IRIX, Other BSD Variants, Debian
GNU/Linux, HP Tru64 UNIX, Solaris
URL: http://www.auscert.org.au/8346
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================