[AusNOG] AusCERT Week in Review - Week Ending 29/06/2007 (AUSCERT#20073F686) (fwd)
Robert Lowe
rlowe at auscert.org.au
Mon Jul 2 17:33:16 EST 2007
Apologies for the delay in getting this report to you.
--
Robert Lowe, Computer Security Analyst | Hotline: +61 7 3365 4417
AusCERT, Australia's national CERT | Fax: +61 7 3365 7031
The University of Queensland | WWW: www.auscert.org.au
QLD 4072 Australia | Email: auscert at auscert.org.au
------- Forwarded Message
AusCERT Week in Review
29 June 2007
Greetings,
- - From a vulnerability perspective, the major event this week was the release
of several vulnerabilities in MIT Kerberos (AL-2007.0078). According to the
description in the Kerberos advisories, the RPC vulnerabilities are difficult
to exploit and the kadmind vulnerability requires authenticated access to
exploit. We have not yet seen any proof of concept code made public for these
vulnerabiltiies.
We'd like to re-iterate our request for information from anyone who has
received the emails claiming to be Microsoft Security Bulletins but in fact,
linking off to malware. For more information see AusCERT Alert AL-2007.0079:
http://www.auscert.org.au/7796
Regards,
Rob.
- - --
Robert Lowe, Computer Security Analyst | Hotline: +61 7 3365 4417
AusCERT, Australia's national CERT | Fax: +61 7 3365 7031
The University of Queensland | WWW: www.auscert.org.au
QLD 4072 Australia | Email: auscert at auscert.org.au
AusCERT in the Media:
- - ----------------------------
Papers, Articles and other documents:
- - -------------------------------------
Alerts, Advisories and Updates:
- - -------------------------------
Title: AL-2007.0079 -- [Win] -- Targeted trojan masquerading as a Microsoft
Security Bulletin
Date: 29 June 2007
URL: http://www.auscert.org.au/7796
Title: AA-2007.0049 -- [Win] -- Trend Micro release patches for
vulnerabilities in OfficeScan 8.0
Date: 27 June 2007
URL: http://www.auscert.org.au/7781
Title: AL-2007.0078 -- [UNIX/Linux] -- Critical vulnerabilities in MIT
Kerberos
Date: 27 June 2007
URL: http://www.auscert.org.au/7773
External Security Bulletins:
- - ----------------------------
Title: ESB-2007.0487 -- [Win][UNIX/Linux] -- Updated webmin packages fix XSS
vulnerability
Date: 29 June 2007
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux Variants,
Windows XP, Red Hat Linux, Windows NT 4, Mac OS X, HP-UX, AIX, Windows
Vista
URL: http://www.auscert.org.au/7797
Title: ESB-2007.0486 -- [Win][UNIX/Linux][Debian] -- New hiki packages fix
missing input sanitising
Date: 29 June 2007
OS: Solaris, HP Tru64 UNIX, Windows 98/98SE, Debian GNU/Linux, Other BSD
Variants, IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other
Linux Variants, Windows XP, Red Hat Linux, Windows NT 4, Mac OS X,
HP-UX, AIX, Windows Vista, Windows ME
URL: http://www.auscert.org.au/7795
Title: ESB-2007.0485 -- [Debian] -- New krb5 packages fix several
vulnerabilities
Date: 29 June 2007
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/7794
Title: ESB-2007.0484 -- [Tru64] -- Multiple vulnerabilities in Secure Web
Server for HP Tru64 UNIX Powered by Apache (SWS) or HP Internet Express
for Tru64 UNIX running PHP
Date: 29 June 2007
OS: HP Tru64 UNIX
URL: http://www.auscert.org.au/7793
Title: ESB-2007.0483 -- [RedHat] -- Important: cman security update
Date: 29 June 2007
OS: Debian GNU/Linux, Other Linux Variants, Red Hat Linux
URL: http://www.auscert.org.au/7792
Title: ESB-2007.0482 -- [Solaris] -- dtsession(1X) Contains a Buffer Overflow
Vulnerability
Date: 29 June 2007
OS: Solaris
URL: http://www.auscert.org.au/7791
Title: ESB-2007.0481 -- [Solaris] -- Security Vulnerabilities in the KSSL
Kernel Module May Lead to a System Panic
Date: 29 June 2007
OS: Solaris
URL: http://www.auscert.org.au/7790
Title: ESB-2007.0480 -- [Solaris] -- Security Vulnerability in the Kerberos
Administration Daemon (kadmind(1M)) May Lead to Arbitrary Code
Execution
Date: 29 June 2007
OS: Solaris
URL: http://www.auscert.org.au/7789
Title: ESB-2007.0479 -- [Solaris] -- A Security Vulnerability in the TCP
Loopback/Fusion Code May Lead to a System Hang Resulting in a Denial of
Service (DoS)
Date: 29 June 2007
OS: Solaris
URL: http://www.auscert.org.au/7788
Title: ESB-2007.0478 -- [Win][UNIX/Linux][Debian] -- New wireshark packages
fix denial of service
Date: 28 June 2007
OS: Solaris, HP Tru64 UNIX, Windows 98/98SE, Debian GNU/Linux, Other BSD
Variants, IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other
Linux Variants, Windows XP, Red Hat Linux, Windows NT 4, Mac OS X,
HP-UX, AIX, Windows Vista, Windows ME
URL: http://www.auscert.org.au/7787
Title: ESB-2007.0477 -- [Solaris] -- Multiple Memory Corruption
Vulnerabilities in Mozilla 1.7 for Solaris 8, 9 and 10
Date: 28 June 2007
OS: Solaris
URL: http://www.auscert.org.au/7786
Title: ESB-2007.0476 -- [RedHat] -- Critical: HelixPlayer security update
Date: 28 June 2007
OS: Red Hat Linux
URL: http://www.auscert.org.au/7785
Title: ESB-2007.0475 -- [Solaris] -- A Security Vulnerability in the
Implementation of the RPCSEC_GSS API Affects the Kerberos
Administration Daemon (kadmind(1M))
Date: 28 June 2007
OS: Solaris
URL: http://www.auscert.org.au/7784
Title: ESB-2007.0474 -- [Solaris] -- Security Vulnerability in the Solaris
libsldap Library May Allow a Denial of Service to nscd(1M)
Date: 28 June 2007
OS: Solaris
URL: http://www.auscert.org.au/7783
Title: ESB-2007.0473 -- [Solaris] -- Security Vulnerabilities in OpenSSL May
Lead to a Denial of Service (DoS) to Applications or Execution of
Arbitrary Code With Elevated Privileges
Date: 28 June 2007
OS: Solaris
URL: http://www.auscert.org.au/7782
Title: ESB-2007.0472 -- [UNIX/Linux] -- Updated proftpd packages fix
authentication bypass
Date: 27 June 2007
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X, HP-UX,
AIX
URL: http://www.auscert.org.au/7780
Title: ESB-2007.0471 -- [Win][RedHat][Solaris] -- Symantec Mail Security for
SMTP Executable Attachment Parsing Denial of Service
Date: 27 June 2007
OS: Solaris, Windows 2003, Windows 2000, Red Hat Linux
URL: http://www.auscert.org.au/7779
Title: ESB-2007.0470 -- [Win][UNIX/Linux] -- Multiple Vulnerabilities in
Xythos Server Products
Date: 27 June 2007
OS: Solaris, HP Tru64 UNIX, Windows 98/98SE, Debian GNU/Linux, Other BSD
Variants, IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other
Linux Variants, Windows XP, Red Hat Linux, Windows NT 4, Mac OS X,
HP-UX, AIX, Windows Vista, Windows ME
URL: http://www.auscert.org.au/7778
Title: ESB-2007.0469 -- [Win][UNIX/Linux] -- RealNetworks
RealPlayer/HelixPlayer SMIL wallclock Stack Overflow Vulnerability
Date: 27 June 2007
OS: Solaris, Debian GNU/Linux, Other BSD Variants, Windows 2003, OpenBSD,
Windows 2000, FreeBSD, Other Linux Variants, Windows XP, Red Hat Linux,
Windows NT 4, HP-UX, Windows ME
URL: http://www.auscert.org.au/7777
Title: ESB-2007.0468 -- [Win][UNIX/Linux] -- Moderate: apache security update
Date: 28 June 2007
OS: Windows Vista, AIX, HP-UX, Mac OS X, Windows NT 4, Red Hat Linux,
Windows XP, Other Linux Variants, FreeBSD, Windows 2000, OpenBSD,
Windows 2003, IRIX, Other BSD Variants, Debian GNU/Linux, HP Tru64
UNIX, Solaris
URL: http://www.auscert.org.au/7776
Title: ESB-2007.0467 -- [Linux][RedHat] -- Important: kernel security update
Date: 27 June 2007
OS: Debian GNU/Linux, Other Linux Variants, Red Hat Linux
URL: http://www.auscert.org.au/7775
Title: ESB-2007.0466 -- [RedHat] -- krb5 security update
Date: 27 June 2007
OS: Red Hat Linux
URL: http://www.auscert.org.au/7774
Title: ESB-2007.0465 -- [RedHat] -- Important: evolution security update
Date: 26 June 2007
OS: Red Hat Linux
URL: http://www.auscert.org.au/7772
Title: ESB-2007.0464 -- [HP-UX] -- HP-UX Running Xserver, Local Denial of
Service (DoS)
Date: 26 June 2007
OS: HP-UX
URL: http://www.auscert.org.au/7771
Title: ESB-2007.0463 -- [Win][UNIX/Linux] -- CA Products That Embed Ingres
Multiple Vulnerabilities
Date: 25 June 2007
OS: Solaris, HP Tru64 UNIX, Windows 98/98SE, Debian GNU/Linux, Windows
2003, Windows 2000, Other Linux Variants, Windows XP, Red Hat Linux,
Windows NT 4, HP-UX, AIX, Windows Vista, Windows ME
URL: http://www.auscert.org.au/7770
Title: ESB-2007.0462 -- [Win][Linux] -- F-Secure Security Bulletin FSC-2007-5:
Scan bypass vulnerabilities in handling of specially crafted LHA and
RAR archives
Date: 25 June 2007
OS: Windows 98/98SE, Debian GNU/Linux, Windows 2003, Windows 2000, Other
Linux Variants, Windows XP, Red Hat Linux, Windows NT 4, Windows Vista,
Windows ME
URL: http://www.auscert.org.au/7769
Title: ESB-2007.0461 -- [UNIX/Linux][Debian] -- New evolution-data-server
packages fix arbitrary code execution
Date: 25 June 2007
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X, HP-UX,
AIX
URL: http://www.auscert.org.au/7768
Title: ESB-2007.0460 -- [Debian] -- New clamav packages fix several
vulnerabilities
Date: 25 June 2007
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/7767
Title: ESB-2007.0459 -- [UNIX/Linux][Debian] -- New maradns packages fix
denial of service
Date: 25 June 2007
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X, HP-UX,
AIX
URL: http://www.auscert.org.au/7766
Title: ESB-2007.0458 -- [UNIX/Linux][Debian] -- New ekg packages fix denial of
service
Date: 25 June 2007
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, HP-UX, AIX
URL: http://www.auscert.org.au/7765
Title: ESB-2007.0457 -- [Win][UNIX/Linux][Debian] -- New tinymux packages fix
buffer overflow
Date: 25 June 2007
OS: Solaris, Windows 98/98SE, Debian GNU/Linux, Other BSD Variants, IRIX,
Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux Variants,
Windows XP, Red Hat Linux, Windows NT 4, Mac OS X, Windows Vista,
Windows ME
URL: http://www.auscert.org.au/7764
Title: ESB-2007.0456 -- [Win][OSX] -- Apple Safari 3 Beta Update 3.0.2
Date: 25 June 2007
OS: Windows XP, Mac OS X, Windows Vista
URL: http://www.auscert.org.au/7763
Title: ESB-2007.0455 -- [OSX] -- Apple Security Update 2007-006
Date: 25 June 2007
OS: Mac OS X
URL: http://www.auscert.org.au/7762
Title: ESB-2007.0453 -- [Solaris] -- Security Vulnerability in RSA Signature
Verification Affects GnuTLS Library Versions Prior to 1.4.4
Date: 25 June 2007
OS: Solaris
URL: http://www.auscert.org.au/7760
Title: ESB-2007.0392 -- [Solaris] -- Security Vulnerability in scp(1) May
Allow Execution of Unintended Commands
Date: 29 June 2007
OS: Solaris
URL: http://www.auscert.org.au/7685
Title: ESB-2007.0391 -- [Solaris] -- Security Vulnerability in the sshd(1M)
Protocol Version 1 Implementation May Allow a Denial of Service to the
Host
Date: 28 June 2007
OS: Solaris
URL: http://www.auscert.org.au/7684
Title: ESB-2007.0385 -- [Win] -- Symantec Ghost Solution Suite denial of
service vulnerabilities
Date: 25 June 2007
OS: Windows Vista, Windows XP, Windows 2000, Windows 2003
URL: http://www.auscert.org.au/7676
Title: ESB-2007.0289 -- [Win] -- Cerulean Studios Trillian Multiple IRC
Vulnerabilities
Date: 25 June 2007
OS: Windows ME, Windows Vista, Windows NT 4, Windows XP, Windows 2000,
Windows 98/98SE
URL: http://www.auscert.org.au/7544
Title: ESB-2007.0250 -- [Tru64] -- HP Tru64 UNIX SSL and BIND Remote Arbitrary
Code Execution or Denial of Service
Date: 28 June 2007
OS: HP Tru64 UNIX
URL: http://www.auscert.org.au/7497
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
------- End of Forwarded Message
More information about the AusNOG
mailing list