[AusNOG] AusCERT Week in Review - Week Ending 14/09/2007 (fwd)
Matthew Aburn
maburn at auscert.org.au
Mon Sep 17 10:24:14 EST 2007
AusCERT Week in Review
14 September 2007
AusCERT in the Media:
---------------------
Wireless network security
ABC Radio Queensland
Sep 12, 2007
Wi-fi a hacker's playground: experts
ABC Online, Australia
Sep 11, 2007
http://abc.net.au/news/stories/2007/09/12/2030396.htm?section=justin
Papers, Articles and other documents:
-------------------------------------
Web Log Entries:
----------------
Alerts, Advisories and Updates:
-------------------------------
Title: AL-2007.0111 -- [Win][OSX] -- QuickTime and iTunes - browser
integration vulnerability allows remote compromise via Firefox
Date: 13 September 2007
URL: http://www.auscert.org.au/8083
Title: AL-2007.0110 -- [Win] -- "Fathers Day" Malicious Emails
Date: 12 September 2007
URL: http://www.auscert.org.au/8073
Title: AL-2007.0109 -- [Win] -- Windows 2000 vulnerability in Microsoft Agent
component allows remote code execution
Date: 12 September 2007
URL: http://www.auscert.org.au/8071
Title: AA-2007.0077 -- [UNIX/Linux] -- Lighttpd mod_fastcgi remote buffer
overflow vulnerability
Date: 11 September 2007
URL: http://www.auscert.org.au/8070
Title: AA-2007.0076 -- [Win] -- Skype chat instant messaging worm currently
spreading
Date: 11 September 2007
URL: http://www.auscert.org.au/8068
Title: AU-2007.0020 -- AusCERT Update - [RedHat] - Important: corrected krb5
security update
Date: 10 September 2007
URL: http://www.auscert.org.au/8062
External Security Bulletins:
----------------------------
Title: ESB-2007.0702 -- [NetBSD] -- BIND cryptographically weak query IDs
Date: 14 September 2007
OS: Other BSD Variants
URL: http://www.auscert.org.au/8088
Title: ESB-2007.0701 -- [NetBSD] -- Local panics in display driver code
Date: 14 September 2007
OS: Other BSD Variants
URL: http://www.auscert.org.au/8087
Title: ESB-2007.0700 -- [NetBSD] -- IPv6 Type 0 Routing Header
Date: 14 September 2007
OS: Other BSD Variants
URL: http://www.auscert.org.au/8086
Title: ESB-2007.0699 -- [Win][UNIX/Linux][RedHat] -- Qt libraries - buffer
overflow vulnerability in Unicode string handling
Date: 14 September 2007
OS: UNIX Variants, Windows
URL: http://www.auscert.org.au/8085
Title: ESB-2007.0698 -- [Linux][RedHat] -- Important: kernel security update
Date: 14 September 2007
OS: Debian GNU/Linux, Other Linux Variants, Red Hat Linux
URL: http://www.auscert.org.au/8084
Title: ESB-2007.0697 -- [Win] -- Autodesk Backburner 3.0.2 System Backdoor
Date: 13 September 2007
OS: Windows 2003, Windows 2000, Windows XP, Windows Vista
URL: http://www.auscert.org.au/8082
Title: ESB-2007.0696 -- [Cisco] -- Reload on Processing a Command Including a
Regular Expression
Date: 13 September 2007
OS: Cisco Products
URL: http://www.auscert.org.au/8081
Title: ESB-2007.0695 -- [UNIX/Linux] -- Samba local vulnerability when using
"winbind nss info"
Date: 13 September 2007
OS: UNIX Variants
URL: http://www.auscert.org.au/8080
Title: ESB-2007.0694 -- [Win][UNIX/Linux][Debian] -- New jffnms packages fix
several vulnerabilities
Date: 12 September 2007
OS: UNIX Variants, Windows
URL: http://www.auscert.org.au/8079
Title: ESB-2007.0693 -- [UNIX/Linux][Debian] -- New ktorrent packages fix
directory traversal
Date: 12 September 2007
OS: Solaris, BSD Variants, Linux Variants, Mac OS X, AIX
URL: http://www.auscert.org.au/8078
Title: ESB-2007.0692 -- [Win][UNIX/Linux][Debian] -- New phpwiki packages fix
several vulnerabilities
Date: 12 September 2007
OS: UNIX Variants, Windows
URL: http://www.auscert.org.au/8077
Title: ESB-2007.0691 -- [Win] -- Patch available for Adobe Connect Enterprise
Server information disclosure issue
Date: 12 September 2007
OS: Windows 2003, Windows 2000
URL: http://www.auscert.org.au/8076
Title: ESB-2007.0690 -- [Win] -- Vulnerability in Crystal Reports for Visual
Studio Could Allow Remote Code Execution
Date: 12 September 2007
OS: Windows 2003, Windows 2000, Windows XP, Windows Vista
URL: http://www.auscert.org.au/8075
Title: ESB-2007.0689 -- [Win] -- Vulnerability in Windows Services for UNIX
Could Allow Elevation of Privilege
Date: 12 September 2007
OS: Windows Vista, Windows 2003, Windows 2000, Windows XP
URL: http://www.auscert.org.au/8074
Title: ESB-2007.0688 -- [Win] -- Vulnerability in MSN Messenger and Windows
Live Messenger Could Allow Remote Code Execution
Date: 12 September 2007
OS: Windows 2003, Windows 2000, Windows XP, Windows Vista
URL: http://www.auscert.org.au/8072
Title: ESB-2007.0687 -- [RedHat] -- Important: mysql security update
Date: 11 September 2007
OS: Red Hat Linux
URL: http://www.auscert.org.au/8067
Title: ESB-2007.0686 -- [Win] -- Intuit QuickBooks Online Edition v9 -
multiple vulnerabilities allow remote compromise
Date: 10 September 2007
OS: Windows
URL: http://www.auscert.org.au/8066
Title: ESB-2007.0685 -- [UNIX/Linux][Debian] -- New xorg-server packages fix
privilege escalation
Date: 10 September 2007
OS: Mac OS X, Linux Variants, BSD Variants, Solaris
URL: http://www.auscert.org.au/8065
Title: ESB-2007.0684 -- [Win][UNIX/Linux][Debian] -- New phpmyadmin packages
fix several vulnerabilities
Date: 12 September 2007
OS: UNIX Variants, Windows
URL: http://www.auscert.org.au/8063
Title: ESB-2007.0677 -- [Cisco] -- Cisco Video Surveillance IP Gateway and
Services Platform Authentication Vulnerabilities
Date: 12 September 2007
OS: Cisco Products
URL: http://www.auscert.org.au/8051
Title: ESB-2007.0665 -- [UNIX/Linux] -- New id3lib3.8.3 packages fix denial of
service
Date: 12 September 2007
OS: UNIX Variants
URL: http://www.auscert.org.au/8035
Title: ESB-2007.0346 -- [Win][Linux][HP-UX][Solaris][AIX] -- Security
Vulnerabilities in the SOCKS Module of Sun Java System Web Proxy Server
4.0
Date: 12 September 2007
OS: AIX, HP-UX, Linux Variants, Windows 2000, Windows 2003, Solaris
URL: http://www.auscert.org.au/7622
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
More information about the AusNOG
mailing list