[AusNOG] AusCERT Week in Review - Week Ending 29/06/2007 (AUSCERT#20073F686) (fwd)

Robert Lowe rlowe at auscert.org.au
Mon Jul 2 17:33:16 EST 2007


Apologies for the delay in getting this report to you.

-- 
Robert Lowe, Computer Security Analyst   | Hotline: +61 7 3365 4417
AusCERT, Australia's national CERT       | Fax:     +61 7 3365 7031
The University of Queensland             | WWW:     www.auscert.org.au
QLD 4072 Australia                       | Email:   auscert at auscert.org.au


------- Forwarded Message

AusCERT Week in Review
29 June 2007


Greetings,

- - From a vulnerability perspective, the major event this week was the release
of several vulnerabilities in MIT Kerberos (AL-2007.0078). According to the
description in the Kerberos advisories, the RPC vulnerabilities are difficult
to exploit and the kadmind vulnerability requires authenticated access to
exploit. We have not yet seen any proof of concept code made public for these
vulnerabiltiies.


We'd like to re-iterate our request for information from anyone who has
received the emails claiming to be Microsoft Security Bulletins but in fact,
linking off to malware. For more information see AusCERT Alert AL-2007.0079:

  http://www.auscert.org.au/7796


Regards,
Rob.
- - --
Robert Lowe, Computer Security Analyst   | Hotline: +61 7 3365 4417
AusCERT, Australia's national CERT       | Fax:     +61 7 3365 7031
The University of Queensland             | WWW:     www.auscert.org.au
QLD 4072 Australia                       | Email:   auscert at auscert.org.au


AusCERT in the Media:
- - ----------------------------  


Papers, Articles and other documents:
- - -------------------------------------


Alerts, Advisories and Updates:
- - -------------------------------
Title: AL-2007.0079 -- [Win] -- Targeted trojan masquerading as a Microsoft
       Security Bulletin 
Date:  29 June 2007
URL:   http://www.auscert.org.au/7796

Title: AA-2007.0049 -- [Win] -- Trend Micro release patches for
       vulnerabilities in OfficeScan 8.0 
Date:  27 June 2007
URL:   http://www.auscert.org.au/7781

Title: AL-2007.0078 -- [UNIX/Linux] -- Critical vulnerabilities in MIT
       Kerberos 
Date:  27 June 2007
URL:   http://www.auscert.org.au/7773


External Security Bulletins:
- - ----------------------------
Title: ESB-2007.0487 -- [Win][UNIX/Linux] -- Updated webmin packages fix XSS
       vulnerability 
Date:  29 June 2007
OS:    Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
       Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux Variants,
       Windows XP, Red Hat Linux, Windows NT 4, Mac OS X, HP-UX, AIX, Windows
       Vista 
URL:   http://www.auscert.org.au/7797

Title: ESB-2007.0486 -- [Win][UNIX/Linux][Debian] -- New hiki packages fix
       missing input sanitising 
Date:  29 June 2007
OS:    Solaris, HP Tru64 UNIX, Windows 98/98SE, Debian GNU/Linux, Other BSD
       Variants, IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other
       Linux Variants, Windows XP, Red Hat Linux, Windows NT 4, Mac OS X,
       HP-UX, AIX, Windows Vista, Windows ME 
URL:   http://www.auscert.org.au/7795

Title: ESB-2007.0485 -- [Debian] -- New krb5 packages fix several
       vulnerabilities 
Date:  29 June 2007
OS:    Debian GNU/Linux 
URL:   http://www.auscert.org.au/7794

Title: ESB-2007.0484 -- [Tru64] -- Multiple vulnerabilities in Secure Web
       Server for HP Tru64 UNIX Powered by Apache (SWS) or HP Internet Express
       for Tru64 UNIX running PHP 
Date:  29 June 2007
OS:    HP Tru64 UNIX 
URL:   http://www.auscert.org.au/7793

Title: ESB-2007.0483 -- [RedHat] -- Important: cman security update 
Date:  29 June 2007
OS:    Debian GNU/Linux, Other Linux Variants, Red Hat Linux 
URL:   http://www.auscert.org.au/7792

Title: ESB-2007.0482 -- [Solaris] -- dtsession(1X) Contains a Buffer Overflow
       Vulnerability 
Date:  29 June 2007
OS:    Solaris 
URL:   http://www.auscert.org.au/7791

Title: ESB-2007.0481 -- [Solaris] -- Security Vulnerabilities in the KSSL
       Kernel Module May Lead to a System Panic 
Date:  29 June 2007
OS:    Solaris 
URL:   http://www.auscert.org.au/7790

Title: ESB-2007.0480 -- [Solaris] -- Security Vulnerability in the Kerberos
       Administration Daemon (kadmind(1M)) May Lead to Arbitrary Code
       Execution 
Date:  29 June 2007
OS:    Solaris 
URL:   http://www.auscert.org.au/7789

Title: ESB-2007.0479 -- [Solaris] -- A Security Vulnerability in the TCP
       Loopback/Fusion Code May Lead to a System Hang Resulting in a Denial of
       Service (DoS) 
Date:  29 June 2007
OS:    Solaris 
URL:   http://www.auscert.org.au/7788

Title: ESB-2007.0478 -- [Win][UNIX/Linux][Debian] -- New wireshark packages
       fix denial of service 
Date:  28 June 2007
OS:    Solaris, HP Tru64 UNIX, Windows 98/98SE, Debian GNU/Linux, Other BSD
       Variants, IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other
       Linux Variants, Windows XP, Red Hat Linux, Windows NT 4, Mac OS X,
       HP-UX, AIX, Windows Vista, Windows ME 
URL:   http://www.auscert.org.au/7787

Title: ESB-2007.0477 -- [Solaris] -- Multiple Memory Corruption
       Vulnerabilities in Mozilla 1.7 for Solaris 8, 9 and 10 
Date:  28 June 2007
OS:    Solaris 
URL:   http://www.auscert.org.au/7786

Title: ESB-2007.0476 -- [RedHat] -- Critical: HelixPlayer security update 
Date:  28 June 2007
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/7785

Title: ESB-2007.0475 -- [Solaris] -- A Security Vulnerability in the
       Implementation of the RPCSEC_GSS API Affects the Kerberos
       Administration Daemon (kadmind(1M)) 
Date:  28 June 2007
OS:    Solaris 
URL:   http://www.auscert.org.au/7784

Title: ESB-2007.0474 -- [Solaris] -- Security Vulnerability in the Solaris
       libsldap Library May Allow a Denial of Service to nscd(1M) 
Date:  28 June 2007
OS:    Solaris 
URL:   http://www.auscert.org.au/7783

Title: ESB-2007.0473 -- [Solaris] -- Security Vulnerabilities in OpenSSL May
       Lead to a Denial of Service (DoS) to Applications or Execution of
       Arbitrary Code With Elevated Privileges 
Date:  28 June 2007
OS:    Solaris 
URL:   http://www.auscert.org.au/7782

Title: ESB-2007.0472 -- [UNIX/Linux] -- Updated proftpd packages fix
       authentication bypass 
Date:  27 June 2007
OS:    Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
       OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X, HP-UX,
       AIX 
URL:   http://www.auscert.org.au/7780

Title: ESB-2007.0471 -- [Win][RedHat][Solaris] -- Symantec Mail Security for
       SMTP Executable Attachment Parsing Denial of Service 
Date:  27 June 2007
OS:    Solaris, Windows 2003, Windows 2000, Red Hat Linux 
URL:   http://www.auscert.org.au/7779

Title: ESB-2007.0470 -- [Win][UNIX/Linux] -- Multiple Vulnerabilities in
       Xythos Server Products 
Date:  27 June 2007
OS:    Solaris, HP Tru64 UNIX, Windows 98/98SE, Debian GNU/Linux, Other BSD
       Variants, IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other
       Linux Variants, Windows XP, Red Hat Linux, Windows NT 4, Mac OS X,
       HP-UX, AIX, Windows Vista, Windows ME 
URL:   http://www.auscert.org.au/7778

Title: ESB-2007.0469 -- [Win][UNIX/Linux] -- RealNetworks
       RealPlayer/HelixPlayer SMIL wallclock Stack Overflow Vulnerability 
Date:  27 June 2007
OS:    Solaris, Debian GNU/Linux, Other BSD Variants, Windows 2003, OpenBSD,
       Windows 2000, FreeBSD, Other Linux Variants, Windows XP, Red Hat Linux,
       Windows NT 4, HP-UX, Windows ME 
URL:   http://www.auscert.org.au/7777

Title: ESB-2007.0468 -- [Win][UNIX/Linux] -- Moderate: apache security update 
Date:  28 June 2007
OS:    Windows Vista, AIX, HP-UX, Mac OS X, Windows NT 4, Red Hat Linux,
       Windows XP, Other Linux Variants, FreeBSD, Windows 2000, OpenBSD,
       Windows 2003, IRIX, Other BSD Variants, Debian GNU/Linux, HP Tru64
       UNIX, Solaris 
URL:   http://www.auscert.org.au/7776

Title: ESB-2007.0467 -- [Linux][RedHat] -- Important: kernel security update 
Date:  27 June 2007
OS:    Debian GNU/Linux, Other Linux Variants, Red Hat Linux 
URL:   http://www.auscert.org.au/7775

Title: ESB-2007.0466 -- [RedHat] -- krb5 security update 
Date:  27 June 2007
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/7774

Title: ESB-2007.0465 -- [RedHat] -- Important: evolution security update 
Date:  26 June 2007
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/7772

Title: ESB-2007.0464 -- [HP-UX] -- HP-UX Running Xserver, Local Denial of
       Service (DoS) 
Date:  26 June 2007
OS:    HP-UX 
URL:   http://www.auscert.org.au/7771

Title: ESB-2007.0463 -- [Win][UNIX/Linux] -- CA Products That Embed Ingres
       Multiple Vulnerabilities 
Date:  25 June 2007
OS:    Solaris, HP Tru64 UNIX, Windows 98/98SE, Debian GNU/Linux, Windows
       2003, Windows 2000, Other Linux Variants, Windows XP, Red Hat Linux,
       Windows NT 4, HP-UX, AIX, Windows Vista, Windows ME 
URL:   http://www.auscert.org.au/7770

Title: ESB-2007.0462 -- [Win][Linux] -- F-Secure Security Bulletin FSC-2007-5:
       Scan bypass vulnerabilities in handling of specially crafted LHA and
       RAR archives 
Date:  25 June 2007
OS:    Windows 98/98SE, Debian GNU/Linux, Windows 2003, Windows 2000, Other
       Linux Variants, Windows XP, Red Hat Linux, Windows NT 4, Windows Vista,
       Windows ME 
URL:   http://www.auscert.org.au/7769

Title: ESB-2007.0461 -- [UNIX/Linux][Debian] -- New evolution-data-server
       packages fix arbitrary code execution 
Date:  25 June 2007
OS:    Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
       OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X, HP-UX,
       AIX 
URL:   http://www.auscert.org.au/7768

Title: ESB-2007.0460 -- [Debian] -- New clamav packages fix several
       vulnerabilities 
Date:  25 June 2007
OS:    Debian GNU/Linux 
URL:   http://www.auscert.org.au/7767

Title: ESB-2007.0459 -- [UNIX/Linux][Debian] -- New maradns packages fix
       denial of service 
Date:  25 June 2007
OS:    Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
       OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X, HP-UX,
       AIX 
URL:   http://www.auscert.org.au/7766

Title: ESB-2007.0458 -- [UNIX/Linux][Debian] -- New ekg packages fix denial of
       service 
Date:  25 June 2007
OS:    Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
       OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, HP-UX, AIX 
URL:   http://www.auscert.org.au/7765

Title: ESB-2007.0457 -- [Win][UNIX/Linux][Debian] -- New tinymux packages fix
       buffer overflow 
Date:  25 June 2007
OS:    Solaris, Windows 98/98SE, Debian GNU/Linux, Other BSD Variants, IRIX,
       Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux Variants,
       Windows XP, Red Hat Linux, Windows NT 4, Mac OS X, Windows Vista,
       Windows ME 
URL:   http://www.auscert.org.au/7764

Title: ESB-2007.0456 -- [Win][OSX] -- Apple Safari 3 Beta Update 3.0.2 
Date:  25 June 2007
OS:    Windows XP, Mac OS X, Windows Vista 
URL:   http://www.auscert.org.au/7763

Title: ESB-2007.0455 -- [OSX] -- Apple Security Update 2007-006 
Date:  25 June 2007
OS:    Mac OS X 
URL:   http://www.auscert.org.au/7762

Title: ESB-2007.0453 -- [Solaris] -- Security Vulnerability in RSA Signature
       Verification Affects GnuTLS Library Versions Prior to 1.4.4 
Date:  25 June 2007
OS:    Solaris 
URL:   http://www.auscert.org.au/7760

Title: ESB-2007.0392 -- [Solaris] -- Security Vulnerability in scp(1) May
       Allow Execution of Unintended Commands 
Date:  29 June 2007
OS:    Solaris 
URL:   http://www.auscert.org.au/7685

Title: ESB-2007.0391 -- [Solaris] -- Security Vulnerability in the sshd(1M)
       Protocol Version 1 Implementation May Allow a Denial of Service to the
       Host 
Date:  28 June 2007
OS:    Solaris 
URL:   http://www.auscert.org.au/7684

Title: ESB-2007.0385 -- [Win] -- Symantec Ghost Solution Suite denial of
       service vulnerabilities 
Date:  25 June 2007
OS:    Windows Vista, Windows XP, Windows 2000, Windows 2003 
URL:   http://www.auscert.org.au/7676

Title: ESB-2007.0289 -- [Win] -- Cerulean Studios Trillian Multiple IRC
       Vulnerabilities 
Date:  25 June 2007
OS:    Windows ME, Windows Vista, Windows NT 4, Windows XP, Windows 2000,
       Windows 98/98SE 
URL:   http://www.auscert.org.au/7544

Title: ESB-2007.0250 -- [Tru64] -- HP Tru64 UNIX SSL and BIND Remote Arbitrary
       Code Execution or Denial of Service 
Date:  28 June 2007
OS:    HP Tru64 UNIX 
URL:   http://www.auscert.org.au/7497



===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert at auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

------- End of Forwarded Message






More information about the AusNOG mailing list