[AusNOG] AusCERT Week in Review - Week Ending 05/10/2007 (AUSCERT#20073F686)

Richard Billington richard at auscert.org.au
Fri Oct 5 16:46:03 EST 2007


AusCERT Week in Review
05 October 2007

Greetings,

This week, AusCERT announced the call for papers for AusCERT2008. We would
really like to see our membership better represented on the AusCERT2008
program, so we encourage all our members to submit a presentation or tutorial
for consideration:

http://conference.auscert.org.au/conf2008/cfp2008.html

Or alternatively, we'd like to hear from our membership for ideas on
interesting presenters who you think may make a good addition to the program.


There has been an alleged vulnerability in Symantec Veritas Backup Exec for
Windows Servers 11d put up on the WabiSabiLabi vulnerability auction site: 

http://wslabi.com/wabisabilabi/showBidInfo.do?code=ZD-00000147

At this point it would be easy to launch into a rant about this site that is
"to bring the world closer to zero risk". But I'll leave that for another blog
entry.

So, there may be an unpatched vulnerability in Symantec Veritas Backup Exec that
is soon to be sold and potentially used publicly. So, as with any backup
product, access to server ports used for backup should be restricted to the
backup client, and vice versa for client ports. No backup service port should
be accessible from outside your organisation.
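To turn that advice into something checkable, here is an added example (not part of the newsletter, and not Symantec's or AusCERT's code) that audits a list of firewall allow-rules against the rule just stated: server-side backup ports reachable only from the backup clients, client-side agent ports reachable only from the backup server, and nothing from outside the organisation. The addresses, the rule format and the port numbers are constructed placeholders, not documented Backup Exec values.

```python
"""Audit firewall allow-rules for backup-service port exposure."""
import ipaddress
from dataclasses import dataclass

# Constructed assumptions: organisation address space, the backup server,
# the hosts running the backup client agent, and placeholder port numbers.
ORG_NET = ipaddress.ip_network("10.0.0.0/8")
BACKUP_SERVER = ipaddress.ip_address("10.1.0.5")
BACKUP_CLIENTS = {ipaddress.ip_address("10.2.0.10"),
                  ipaddress.ip_address("10.2.0.11")}
SERVER_PORTS = {10000}   # placeholder: port(s) the backup server listens on
CLIENT_PORTS = {6101}    # placeholder: port(s) the client agent listens on


@dataclass(frozen=True)
class Rule:
    """One allow-rule: source CIDR may reach dst host on TCP dport."""
    src: str
    dst: str
    dport: int


def audit(rules):
    """Return findings for rules that expose a backup port too widely.

    An empty list means every backup-related rule follows the advice:
    server ports only from backup clients, client ports only from the
    server, and nothing from outside ORG_NET. Unrelated rules are skipped.
    """
    findings = []
    for r in rules:
        src = ipaddress.ip_network(r.src, strict=False)
        dst = ipaddress.ip_address(r.dst)
        if dst == BACKUP_SERVER and r.dport in SERVER_PORTS:
            allowed = BACKUP_CLIENTS          # only backup clients may connect
        elif dst in BACKUP_CLIENTS and r.dport in CLIENT_PORTS:
            allowed = {BACKUP_SERVER}         # only the server may connect
        else:
            continue                          # not a backup port: not assessed
        if not src.subnet_of(ORG_NET):
            findings.append(f"{r.src} -> {r.dst}:{r.dport} exposes a backup "
                            "port outside the organisation")
        elif not (src.num_addresses == 1 and src.network_address in allowed):
            findings.append(f"{r.src} -> {r.dst}:{r.dport} allows more than "
                            "the peer backup host(s)")
    return findings


# Constructed sample rule set: two compliant, two non-compliant, one unrelated.
SAMPLE_RULES = [
    Rule("10.2.0.10/32", "10.1.0.5", 10000),  # client -> server: fine
    Rule("10.0.0.0/8", "10.1.0.5", 10000),    # whole org -> server: too broad
    Rule("0.0.0.0/0", "10.2.0.10", 6101),     # anywhere -> client agent: exposed
    Rule("10.1.0.5/32", "10.2.0.11", 6101),   # server -> client agent: fine
    Rule("0.0.0.0/0", "10.1.0.5", 443),       # unrelated service: skipped
]

if __name__ == "__main__":
    for finding in audit(SAMPLE_RULES):
        print(finding)
```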


Regards,
Rob and Richard

-- 
Security Analyst           |  Hotline: +61 7 3365 4417
AusCERT                    |  Fax:     +61 7 3365 7031
Australia's National CERT  |  WWW:     www.auscert.org.au
Brisbane QLD Australia     |  Email:   auscert at auscert.org.au


Papers, Articles and other documents:
-------------------------------------
Title: Call for presentations and tutorials for AusCERT2008 
Date:  03 October 2007
URL:   http://www.auscert.org.au/6748


Web Log Entries:
----------------


Alerts, Advisories and Updates:
-------------------------------
Title: AA-2007.0084 -- [Win][UNIX/Linux] -- Cross Site Scripting (XSS)
       vulnerability in BlackBoard Learning System 
Date:  05 October 2007
URL:   http://www.auscert.org.au/8162

Title: AL-2007.0112 -- [Win] -- Computer Associates BrightStor HSM r11.5
       Multiple Vulnerabilities 
Date:  03 October 2007
URL:   http://www.auscert.org.au/8138

Title: AA-2007.0083 -- [Linux] -- Execution of arbitrary code across Xen
       virtual machines 
Date:  02 October 2007
URL:   http://www.auscert.org.au/8144


External Security Bulletins:
----------------------------
Title: ESB-2007.0756 -- [UNIX/Linux][Debian] -- New gforge packages fix
       cross-site scripting 
Date:  05 October 2007
OS:    Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
       OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X, HP-UX,
       AIX 
URL:   http://www.auscert.org.au/8161

Title: ESB-2007.0755 -- [Win][Linux][Solaris] -- Security Vulnerability in
       Java Runtime Environment With Applet Caching May Allow Network Access
       Restrictions to be Circumvented 
Date:  05 October 2007
OS:    Solaris, Debian GNU/Linux, Windows 2003, Windows 2000, Other Linux
       Variants, Windows XP, Red Hat Linux, Windows Vista 
URL:   http://www.auscert.org.au/8160

Title: ESB-2007.0754 -- [Win][Linux][Solaris] -- Security Vulnerabilities in
       Java Runtime Environment May Allow Network Access Restrictions to be
       Circumvented 
Date:  05 October 2007
OS:    Solaris, Debian GNU/Linux, Windows 2003, Windows 2000, Other Linux
       Variants, Windows XP, Red Hat Linux, Windows Vista 
URL:   http://www.auscert.org.au/8159

Title: ESB-2007.0753 -- [Win][Linux][Solaris] -- Multiple Security
       Vulnerabilities in Java Web Start Relating to Local File Access 
Date:  05 October 2007
OS:    Solaris, Debian GNU/Linux, Windows 2003, Windows 2000, Other Linux
       Variants, Windows XP, Red Hat Linux, Windows Vista 
URL:   http://www.auscert.org.au/8158

Title: ESB-2007.0752 -- [Win][Linux][Solaris] -- An Untrusted Java Web Start
       Application or Java Applet May Move or Copy Arbitrary Files by
       Requesting the User to Drag and Drop a File from Application or Applet
       Window to a Desktop Application 
Date:  05 October 2007
OS:    Solaris, Debian GNU/Linux, Windows 2003, Windows 2000, Other Linux
       Variants, Windows XP, Red Hat Linux, Windows Vista 
URL:   http://www.auscert.org.au/8157

Title: ESB-2007.0751 -- [Win][Linux][Solaris] -- Java Runtime Environment
       (JRE) May Allow Untrusted Applets or Applications to Display An
       Oversized Window so that the Warning Banner is Not Visible to User 
Date:  05 October 2007
OS:    Solaris, Debian GNU/Linux, Windows 2003, Windows 2000, Other Linux
       Variants, Windows XP, Red Hat Linux, Windows Vista 
URL:   http://www.auscert.org.au/8156

Title: ESB-2007.0750 -- [UNIX/Linux] -- Patches available to correct
       vulnerabilities in Drupal Project issue tracking and Boost modules 
Date:  04 October 2007
OS:    Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
       OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X, HP-UX,
       AIX 
URL:   http://www.auscert.org.au/8155

Title: ESB-2007.0749 -- [FreeBSD] -- Buffer overflow in OpenSSL
       SSL_get_shared_ciphers() 
Date:  04 October 2007
OS:    FreeBSD 
URL:   http://www.auscert.org.au/8154

Title: ESB-2007.0748 -- [Win] -- Security Update for QuickTime 7.2 
Date:  04 October 2007
OS:    Windows XP, Windows Vista 
URL:   http://www.auscert.org.au/8153

Title: ESB-2007.0747 -- [RedHat] -- Moderate: elinks security update 
Date:  04 October 2007
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/8152

Title: ESB-2007.0746 -- [Debian] -- New quagga packages fix denial of service 
Date:  04 October 2007
OS:    Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
       OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, HP-UX, AIX 
URL:   http://www.auscert.org.au/8151

Title: ESB-2007.0745 -- [Solaris] -- Security Vulnerability in Solaris Named
       Pipes (pipe(2)) May Allow Unauthorized Data Access 
Date:  04 October 2007
OS:    Solaris 
URL:   http://www.auscert.org.au/8150

Title: ESB-2007.0744 -- [Debian] -- New Linux 2.6.18 packages fix several
       vulnerabilities 
Date:  03 October 2007
OS:    Debian GNU/Linux 
URL:   http://www.auscert.org.au/8149

Title: ESB-2007.0743 -- [UNIX/Linux] -- Multiple Vendor X Font Server Multiple
       Vulnerabilities 
Date:  03 October 2007
OS:    Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
       OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X, HP-UX,
       AIX 
URL:   http://www.auscert.org.au/8148

Title: ESB-2007.0742 -- [Debian] -- New elinks packages fix information
       disclosure 
Date:  03 October 2007
OS:    Debian GNU/Linux 
URL:   http://www.auscert.org.au/8147

Title: ESB-2007.0741 -- [Linux][RedHat] -- Important: xen security update 
Date:  03 October 2007
OS:    Debian GNU/Linux, Other Linux Variants, Red Hat Linux 
URL:   http://www.auscert.org.au/8146

Title: ESB-2007.0740 -- [Debian] -- New openssl packages fix arbitrary code
       execution 
Date:  03 October 2007
OS:    Debian GNU/Linux 
URL:   http://www.auscert.org.au/8145

Title: ESB-2007.0739 -- [Solaris] -- Sun Fire X2100 M2/X2200 M2 ELOM is
       Vulnerable to Unauthorized Access 
Date:  03 October 2007
OS:    Solaris 
URL:   http://www.auscert.org.au/8143

Title: ESB-2007.0738 -- [Win][UNIX/Linux] -- openssl vulnerabilities 
Date:  01 October 2007
OS:    Solaris, HP Tru64 UNIX, Windows 98/98SE, Debian GNU/Linux, Other BSD
       Variants, IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other
       Linux Variants, Windows XP, Red Hat Linux, Windows NT 4, Mac OS X,
       HP-UX, AIX, Windows Vista, Windows ME 
URL:   http://www.auscert.org.au/8142

Title: ESB-2007.0737 -- [Win][Linux][HP-UX][Solaris] -- Installation of Sun
       Java System Access Manager 7.1 on Sun Java System Application Server
       9.1 or 8.x May Compromise Application Server Security 
Date:  02 October 2007
OS:    HP-UX, Red Hat Linux, Windows XP, Windows 2000, Windows 2003, Solaris 
URL:   http://www.auscert.org.au/8141

Title: ESB-2007.0733 -- [Linux] -- New Linux 2.6.18 packages fix several
       vulnerabilities 
Date:  01 October 2007
OS:    Red Hat Linux, Other Linux Variants, Debian GNU/Linux 
URL:   http://www.auscert.org.au/8134

Title: ESB-2007.0729 -- [Cisco] -- Cisco Security Response: Catalyst 6500 and
       Cisco 7600 Series Devices Accessible via Loopback Address 
Date:  01 October 2007
OS:    Cisco Products 
URL:   http://www.auscert.org.au/8130

Title: ESB-2007.0728 -- [Solaris] -- Local DoS in the Human Interface Device
       (HID) Class Driver for Solaris 
Date:  01 October 2007
OS:    Solaris 
URL:   http://www.auscert.org.au/8128

Title: ESB-2007.0711 -- [Linux][RedHat] -- Important: nfs-utils-lib security
       update 
Date:  03 October 2007
OS:    Red Hat Linux, Other Linux Variants, Debian GNU/Linux 
URL:   http://www.auscert.org.au/8102

Title: ESB-2007.0665 -- [UNIX/Linux] -- New id3lib3.8.3 packages fix denial of
       service 
Date:  03 October 2007
OS:    AIX, HP-UX, Mac OS X, Red Hat Linux, Other Linux Variants, FreeBSD,
       OpenBSD, IRIX, Other BSD Variants, Debian GNU/Linux, HP Tru64 UNIX,
       Solaris 
URL:   http://www.auscert.org.au/8035

Title: ESB-2007.0427 -- [Solaris] -- Multiple Security Vulnerabilities in
       samba(7) May Allow Remote Code Execution, Elevation of Privileges, or
       Remote Shell Command Execution 
Date:  01 October 2007
OS:    Solaris 
URL:   http://www.auscert.org.au/7726



===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert at auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
