[AusNOG] AusCERT Week in Review - Week Ending 19/10/2007 (AUSCERT#20073F686)
Richard Billington
richard at auscert.org.au
Fri Oct 19 17:20:42 EST 2007
AusCERT Week in Review
19 October 2007
Greetings,
This week at AusCERT we have two new Computer Security Analysts to join
the AusCERT co-ordination centre: Paul Fahey and Damien Curtain. They are
both very welcome additions to team and look forward to working with you,
our members.
We were also made aware that Storm (aka Peacomm) is now using encryption
with a 40 byte key for its communication. This change may point to the
future (or current) selling of the Storm network to others for SPAM, DDoS
and other malicious activity. [1]
Wednesday saw Oracle release patches for 51 vulnerabilities in "hundreds"
of Oracle products. [2] So if you are running any Oracle products you
should probably think about applying the patches.
Lastly today a new version of Firefox (2.0.0.8) was released correcting
multiple security vulnerabilities. [3]
Regards,
Richard
- - --
Security Analyst | Hotline: +61 7 3365 4417
AusCERT | Fax: +61 7 3365 7031
Australia's National CERT | WWW: www.auscert.org.au
Brisbane QLD Australia | Email: auscert at auscert.org.au
Refrences
[1] The Changing Storm
http://www.secureworks.com/research/blog/index.php/2007/10/15/the-changing-storm
[2] Oracle Critical Patch Update Pre-Release Announcement - October 2007
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2007.html
[3] New versions of Firefox, Thuinderbird, and SeaMonkey fix multiple security vulnerabilities
http://www.auscert.org.au/render.html?it=8237
Web Log Entries:
- - ----------------
Title: A newly registered Australian political party trials online voting in
Australia
Date: 17 October 2007
URL: http://www.auscert.org.au/8217
Title: Australian Taxation Office Notification
Date: 15 October 2007
URL: http://www.auscert.org.au/8208
Alerts, Advisories and Updates:
- - -------------------------------
Title: AL-2007.0117 -- [Win][UNIX/Linux] -- Oracle Critical Patch Update
Pre-Release Announcement for October 2007
Date: 19 October 2007
URL: http://www.auscert.org.au/8213
Title: AU-2007.0023 -- AusCERT Update - [Win][UNIX/Linux] - Oracle Critical
Patch Update for October 2007
Date: 19 October 2007
URL: http://www.auscert.org.au/8218
Title: AA-2007.0089 -- [Win][Appliance] -- Multiple vulnerabilities in Nortel
IP Phone products
Date: 19 October 2007
URL: http://www.auscert.org.au/8239
Title: AA-2007.0087 -- [Win][UNIX/Linux] -- Opera versions prior to 9.24
contain a code execution and same-origin policy vulnerabilities
Date: 19 October 2007
URL: http://www.auscert.org.au/8234
Title: AA-2007.0088 -- [Win][Linux][Solaris][AIX] -- IBM WebSphere Application
Server Scripting Tools unspecified vulnerabilities
Date: 19 October 2007
URL: http://www.auscert.org.au/8238
Title: AA-2007.0086 -- [UNIX/Linux] -- Multiple denial of service
vulnerabilities in libpng
Date: 18 October 2007
URL: http://www.auscert.org.au/8225
Title: AA-2007.0085 -- [Win][UNIX/Linux] -- Remote code execution
vulnerability in TikiWiki
Date: 16 October 2007
URL: http://www.auscert.org.au/8207
External Security Bulletins:
- - ----------------------------
Title: ESB-2007.0814 -- [Win][UNIX/Linux] -- New versions of Firefox,
Thuinderbird, and SeaMonkey fix multiple security vulnerabilities
Date: 19 October 2007
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux Variants,
Windows XP, Red Hat Linux, Mac OS X, HP-UX, AIX, Windows Vista
URL: http://www.auscert.org.au/8237
Title: ESB-2007.0813 -- [Win][UNIX/Linux] -- New t1lib packages fix arbitrary
code execution
Date: 19 October 2007
OS: Solaris, HP Tru64 UNIX, Windows 98/98SE, Debian GNU/Linux, Other BSD
Variants, IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other
Linux Variants, Windows XP, Red Hat Linux, Windows NT 4, Mac OS X,
HP-UX, AIX, Windows Vista, Windows ME
URL: http://www.auscert.org.au/8235
Title: ESB-2007.0812 -- [Win][UNIX/Linux] -- New zoph packages fix SQL
injection
Date: 19 October 2007
OS: Solaris, HP Tru64 UNIX, Windows 98/98SE, Debian GNU/Linux, Other BSD
Variants, IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other
Linux Variants, Windows XP, Red Hat Linux, Windows NT 4, Mac OS X,
HP-UX, AIX, Windows Vista, Windows ME
URL: http://www.auscert.org.au/8233
Title: ESB-2007.0811 -- [Debian] -- New dhcp packages fix arbitrary code
execution
Date: 19 October 2007
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/8232
Title: ESB-2007.0810 -- [Win][UNIX/Linux] -- Multiple vulnerabilities in
Drupal
Date: 18 October 2007
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux Variants,
Windows XP, Red Hat Linux, Mac OS X, HP-UX, AIX, Windows Vista
URL: http://www.auscert.org.au/8230
Title: ESB-2007.0809 -- [HP-UX] -- HP-UX Running OpenSSL, Local Denial of
Service (DoS)
Date: 19 October 2007
OS: HP-UX
URL: http://www.auscert.org.au/8229
Title: ESB-2007.0808 -- [Win] -- HP Storage Management Appliance (SMA),
Microsoft Patch Applicability MS07-055 to MS07-060
Date: 18 October 2007
OS: Windows 2000
URL: http://www.auscert.org.au/8228
Title: ESB-2007.0807 -- [Cisco] -- Cisco Unified Communications Manager Denial
of Service Vulnerabilities
Date: 19 October 2007
OS: Cisco Products
URL: http://www.auscert.org.au/8227
Title: ESB-2007.0806 -- [Win][UNIX/Linux] -- Buffer overflow in Tk when
loading some images
Date: 18 October 2007
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux Variants,
Windows XP, Red Hat Linux, Mac OS X, HP-UX, AIX, Windows Vista
URL: http://www.auscert.org.au/8226
Title: ESB-2007.0805 -- [Win] -- Cisco Unified Communications Web-based
Management Vulnerability
Date: 19 October 2007
OS: Windows 2000, Windows 2003
URL: http://www.auscert.org.au/8224
Title: ESB-2007.0804 -- [Win][UNIX/Linux] -- Two Security Vulnerabilities in
the bzip2(1) Command may Allow the Permissions of Arbitrary Files to be
Modified or Allow for Arbitrarily Large Files to be Created
Date: 18 October 2007
OS: HP Tru64 UNIX, Solaris, Debian GNU/Linux, Other BSD Variants, IRIX,
Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux Variants,
Windows XP, Red Hat Linux, Mac OS X, HP-UX, AIX, Windows Vista
URL: http://www.auscert.org.au/8223
Title: ESB-2007.0803 -- [Cisco] -- Multiple Vulnerabilities in Cisco PIX and
ASA Appliances
Date: 18 October 2007
OS: Cisco Products
URL: http://www.auscert.org.au/8222
Title: ESB-2007.0802 -- [Cisco] -- Multiple Vulnerabilities in Firewall
Services Module
Date: 18 October 2007
OS: Cisco Products
URL: http://www.auscert.org.au/8221
Title: ESB-2007.0801 -- [Win][UNIX/Linux] -- IBM Lotus Domino Web Server
service is vulnerable to a stack based buffer overflow
Date: 18 October 2007
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux Variants,
Windows XP, Red Hat Linux, Mac OS X, HP-UX, AIX, Windows Vista
URL: http://www.auscert.org.au/8220
Title: ESB-2007.0800 -- [UNIX/Linux] -- Asterisk - SQL Injection Vulnerability
in cdr_addon_mysql
Date: 18 October 2007
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X, HP-UX,
AIX
URL: http://www.auscert.org.au/8219
Title: ESB-2007.0799 -- [Tru64] -- HP Tru64 UNIX Running Apache Tomcat, Remote
Unauthorized Access, Remote Denial of Service (DoS)
Date: 17 October 2007
OS: HP Tru64 UNIX
URL: http://www.auscert.org.au/8216
Title: ESB-2007.0798 -- [Appliance] -- FTP Security Vulnerability May Cause a
Denial of Service to Sun StorEdge 3510 Data Services
Date: 17 October 2007
URL: http://www.auscert.org.au/8215
Title: ESB-2007.0797 -- [RedHat] -- Moderate: java-1.5.0-bea security update
Date: 17 October 2007
OS: Red Hat Linux
URL: http://www.auscert.org.au/8214
Title: ESB-2007.0796 -- [Win] -- EMC RepliStor Server Heap Overflow
Vulnerability
Date: 16 October 2007
OS: Windows 2003, Windows 2000
URL: http://www.auscert.org.au/8212
Title: ESB-2007.0795 -- [Debian] -- New librpcsecgss packages fix arbitrary
code execution
Date: 16 October 2007
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/8211
Title: ESB-2007.0794 -- [Win][UNIX/Linux][Debian] -- New wesnoth packages fix
denial of service
Date: 16 October 2007
OS: Solaris, Windows 98/98SE, Debian GNU/Linux, Other BSD Variants, Windows
2003, OpenBSD, Windows 2000, FreeBSD, Other Linux Variants, Windows XP,
Red Hat Linux, Windows NT 4, Mac OS X, Windows Vista, Windows ME
URL: http://www.auscert.org.au/8210
Title: ESB-2007.0793 -- [Win][UNIX/Linux] -- IBM DB2 DB2JDS Multiple
Vulnerabilities
Date: 15 October 2007
OS: Solaris, HP Tru64 UNIX, Debian GNU/Linux, Other BSD Variants, IRIX,
Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux Variants,
Windows XP, Red Hat Linux, Mac OS X, HP-UX, AIX, Windows Vista
URL: http://www.auscert.org.au/8209
Title: ESB-2007.0792 -- [Solaris] -- Security Vulnerability in the Solaris RPC
Services Library (librpcsvc(3LIB)) may Lead to a Denial of Service
(DoS) Against Networked File Systems
Date: 15 October 2007
OS: Solaris
URL: http://www.auscert.org.au/8206
Title: ESB-2007.0791 -- [Solaris] -- Multiple Memory Corruption
Vulnerabilities in Mozilla 1.7 for Solaris 8, 9, and 10
Date: 15 October 2007
OS: Solaris
URL: http://www.auscert.org.au/8205
Title: ESB-2007.0790 -- [Solaris] -- Multiple Security Vulnerabilities in the
Solaris Tag Image File Format Library libtiff(3)
Date: 15 October 2007
OS: Solaris
URL: http://www.auscert.org.au/8204
Title: ESB-2007.0789 -- [RedHat] -- Important: java-1.5.0-sun security update
Date: 15 October 2007
OS: Red Hat Linux
URL: http://www.auscert.org.au/8203
Title: ESB-2007.0788 -- [RedHat] -- Important: openssl security update
Date: 15 October 2007
OS: Red Hat Linux
URL: http://www.auscert.org.au/8202
Title: ESB-2007.0785 -- [Win][RedHat][HP-UX][Solaris] -- HP Select Identity,
Remote Unauthorized Access
Date: 15 October 2007
OS: HP-UX, Red Hat Linux, Windows 2003, Solaris
URL: http://www.auscert.org.au/8199
Title: ESB-2007.0784 -- [HP-UX] -- HP-UX running Apache, Remote Unauthorized
Denial of Service (DoS)
Date: 19 October 2007
OS: HP-UX
URL: http://www.auscert.org.au/8198
Title: ESB-2007.0778 -- [Solaris] -- Multiple Security Issues Within The X
Font Server (xfs(1)) QueryXBitmaps and QueryXExtents Protocol Handlers
Date: 15 October 2007
OS: Solaris
URL: http://www.auscert.org.au/8192
Title: ESB-2007.0776 -- [Cisco] -- Cisco IOS Line Printer Daemon (LPD)
Protocol Stack Overflow
Date: 15 October 2007
OS: Cisco Products
URL: http://www.auscert.org.au/8190
Title: ESB-2007.0774 -- [Win][Linux][HP-UX] -- HP System Management Homepage
(SMH) Remote Cross Site Scripting (XSS)
Date: 19 October 2007
OS: Windows Vista, HP-UX, Red Hat Linux, Windows XP, Other Linux Variants,
Windows 2000, Windows 2003, Debian GNU/Linux
URL: http://www.auscert.org.au/8188
Title: ESB-2007.0770 -- [UNIX/Linux] -- Asterisk - Buffer overflows in
voicemail when using IMAP storage
Date: 18 October 2007
OS: AIX, HP-UX, Mac OS X, Red Hat Linux, Other Linux Variants, FreeBSD,
OpenBSD, IRIX, Other BSD Variants, Debian GNU/Linux, HP Tru64 UNIX,
Solaris
URL: http://www.auscert.org.au/8183
Title: ESB-2007.0754 -- [Win][Linux][Solaris] -- Security Vulnerabilities in
Java Runtime Environment May Allow Network Access Restrictions to be
Circumvented
Date: 16 October 2007
OS: Windows Vista, Red Hat Linux, Windows XP, Other Linux Variants, Windows
2000, Windows 2003, Debian GNU/Linux, Solaris
URL: http://www.auscert.org.au/8159
Title: ESB-2007.0724 -- [Win][Linux][Solaris] -- StarOffice crafted TIFF file
vulnerabilities
Date: 18 October 2007
OS: Windows ME, Windows Vista, Windows NT 4, Red Hat Linux, Windows XP,
Other Linux Variants, Windows 2000, Windows 2003, Debian GNU/Linux,
Windows 98/98SE, Solaris
URL: http://www.auscert.org.au/8123
Title: ESB-2007.0709 -- [Solaris] -- Security Vulnerability in BIND 8 May
Allow Cache Poisoning Attack
Date: 17 October 2007
OS: Solaris
URL: http://www.auscert.org.au/8100
Title: ESB-2007.0683 -- [Solaris] -- Security Vulnerability in RPCSEC_GSS
(rpcsec_gss(3NSL)) Affects Kerberos Administration Daemon (kadmind(1M))
Date: 18 October 2007
OS: Solaris
URL: http://www.auscert.org.au/8058
Title: ESB-2007.0427 -- [Solaris] -- Multiple Security Vulnerabilities in
samba(7) May Allow Remote Code Execution, Elevation of Privileges, or
Remote Shell Command Execution
Date: 15 October 2007
OS: Solaris
URL: http://www.auscert.org.au/7726
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 367 bytes
Desc: not available
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20071019/5ff515d7/attachment.sig>
More information about the AusNOG
mailing list