[AusNOG] AusCERT Week in Review - Week Ending 30/11/2007 (AUSCERT#20073F686)
matthew at auscert.org.au
matthew at auscert.org.au
Fri Nov 30 13:28:12 EST 2007
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
AusCERT Week in Review
30 November 2007
Greetings AusNOG,
Don't forget today is Computer Security Day. More details are available
at:
http://www.auscert.org.au/8172
Please come along as all are welcome.
Best Regards,
- -- Matthew McGlashan --
Coordination Centre Team Leader | Hotline: +61 7 3365 4417
Australian Computer Emergency Response Team | Direct: +61 7 3365 7924
(AusCERT) | Fax: +61 7 3365 7031
The University of Queensland | WWW: www.auscert.org.au
Qld 4072 Australia | Email: auscert at auscert.org.au
AusCERT in the Media:
- ---------------------
securing from the inside: whitelisting
TechRepublic, KY
23 hours ago
http://blogs.techrepublic.com.com/security/?p=369
Papers, Articles and other documents:
- -------------------------------------
Title: Computer Security Day 2007
Date: 29 November 2007
URL: http://www.auscert.org.au/8172
Web Log Entries:
- ----------------
Alerts, Advisories and Updates:
- -------------------------------
Title: AU-2007.0025 -- AusCERT Update - [FreeBSD] - Firefox 2.0.0.10 now
available on FreeBSD
Date: 29 November 2007
URL: http://www.auscert.org.au/8426
Title: AA-2007.0114 -- [Win][UNIX/Linux] -- Netscape Multiple Vulnerabilities
Date: 29 November 2007
URL: http://www.auscert.org.au/8427
Title: AL-2007.0122 -- [Win] -- Buffer overflow vulnerability in Lotus Notes
file viewer for Lotus 1-2-3 attachments
Date: 29 November 2007
URL: http://www.auscert.org.au/8428
Title: AA-2007.0113 -- [Win][UNIX/Linux] -- Mozilla Firefox 2.0.0.10 Released
Date: 27 November 2007
URL: http://www.auscert.org.au/8420
Title: AA-2007.0107 -- [Appliance] -- Multiple vulnerabilities in Ingate
Firewall and SIParator
Date: 26 November 2007
URL: http://www.auscert.org.au/8400
Title: AL-2007.0121 -- [Win] -- New vulnerabilities in Apple QuickTime may
allow remote execution of arbitrary code
Date: 26 November 2007
URL: http://www.auscert.org.au/8413
Title: AA-2007.0112 -- [Win][UNIX/Linux] -- Session fixation vulnerability in
Ruby on Rails
Date: 26 November 2007
URL: http://www.auscert.org.au/8414
External Security Bulletins:
- ----------------------------
Title: ESB-2007.0958 -- [Cisco] -- Cisco Unified IP Phone Remote Eavesdropping
Date: 29 November 2007
OS: Cisco Products
URL: http://www.auscert.org.au/8425
Title: ESB-2007.0957 -- [Win] -- Symantec Backup Exec for Windows Server:
Multiple Denial of Service Issues in Job Engine
Date: 29 November 2007
OS: Windows 2003, Windows 2000, Windows XP
URL: http://www.auscert.org.au/8424
Title: ESB-2007.0956 -- [OSX] -- Apple Mail remote command execution
vulnerability
Date: 28 November 2007
OS: Mac OS X
URL: http://www.auscert.org.au/8423
Title: ESB-2007.0955 -- [Win][UNIX/Linux][Debian] -- New tk8.3 and tk8.4
packages fix arbitrary code execution
Date: 28 November 2007
OS: Windows Vista, AIX, HP-UX, Mac OS X, Red Hat Linux, Windows XP, Other
Linux Variants, FreeBSD, Windows 2000, OpenBSD, Windows 2003, IRIX,
Other BSD Variants, Debian GNU/Linux, Ubuntu, HP Tru64 UNIX, Solaris
URL: http://www.auscert.org.au/8422
Title: ESB-2007.0954 -- [Win][UNIX/Linux][Debian] -- New wireshark packages
fix several vulnerabilities
Date: 28 November 2007
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Red Hat Linux, Mac OS X, HP-UX, AIX, Windows
Vista
URL: http://www.auscert.org.au/8421
Title: ESB-2007.0953 -- [UNIX/Linux][RedHat] -- Critical: firefox and
seamonkey security updates
Date: 27 November 2007
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X,
HP-UX, AIX
URL: http://www.auscert.org.au/8419
Title: ESB-2007.0952 -- [Appliance] -- HPSBST02291 SSRT071498 rev.1 - Storage
Management Appliance (SMA), Microsoft Patch Applicability MS07-061 and
MS07-062
Date: 27 November 2007
URL: http://www.auscert.org.au/8418
Title: ESB-2007.0951 -- [RedHat] -- Important: java-1.5.0-ibm security update
Date: 27 November 2007
OS: Red Hat Linux
URL: http://www.auscert.org.au/8417
Title: ESB-2007.0950 -- [UNIX/Linux] -- nss_ldap: Information disclosure
Date: 27 November 2007
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X,
HP-UX, AIX
URL: http://www.auscert.org.au/8416
Title: ESB-2007.0949 -- [Debian] -- New mysql packages fix multiple
vulnerabilities
Date: 27 November 2007
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/8415
Title: ESB-2007.0948 -- [Debian] -- New ruby packages fix insecure SSL
certificate validation
Date: 26 November 2007
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/8412
Title: ESB-2007.0947 -- [Win][Linux] -- IBM Director fails to properly
time-out connection requests from clients
Date: 23 November 2007
OS: Ubuntu, Debian GNU/Linux, Windows 2003, Windows 2000, Other Linux
Variants, Windows XP, Red Hat Linux
URL: http://www.auscert.org.au/8409
Title: ESB-2007.0946 -- [Win][UNIX/Linux] -- Updated cacti packages fix SQL
injection vulnerability
Date: 23 November 2007
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Red Hat Linux, Mac OS X, HP-UX, AIX, Windows
Vista
URL: http://www.auscert.org.au/8408
Title: ESB-2007.0944 -- [RedHat] -- Moderate: conga security, bug fix, and
enhancement update
Date: 23 November 2007
OS: Red Hat Linux
URL: http://www.auscert.org.au/8406
Title: ESB-2007.0718 -- [HP-UX] -- HP-UX Running BIND, Remote DNS Cache
Poisoning
Date: 28 November 2007
OS: HP-UX
URL: http://www.auscert.org.au/8111
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (FreeBSD)
Comment: http://www.auscert.org.au/render.html?it=1967
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBR091PCh9+71yA2DNAQKXXgP+PEvWjalTrlJ9PGR7IFGjl3V4xZydmldM
Dr/bF9NX2YpT6QoT5pNkvZ+KNShREnXwKyh6sc85dOQCWK22fIcCkQCsI8ZCS6oS
ztq+GB6x6k4XA2D1RgBTNwS732DkIMXLZz0ug7y5Nwr6se9r3xObsTHkCu53TG+i
0GvY7H51lwM=
=LUAs
-----END PGP SIGNATURE-----
More information about the AusNOG
mailing list