[AusNOG] AusCERT Week in Review - Week Ending 21/09/2007 (fwd)

Matthew Aburn maburn at auscert.org.au
Fri Sep 21 17:02:48 EST 2007


AusCERT Week in Review
21 September 2007


Papers, Articles and other documents:
-------------------------------------


Web Log Entries:
----------------
Title: Snakes in an Office 
Date:  20 September 2007
URL:   http://www.auscert.org.au/8106

Title: Storm malicious emails - lures continuing to change 
Date:  18 September 2007
URL:   http://www.auscert.org.au/8094

Title: Father's Day Email Follow-up 
Date:  18 September 2007
URL:   http://www.auscert.org.au/8093


Alerts, Advisories and Updates:
-------------------------------
Title: AA-2007.0080 -- [Win][Linux] -- VMware Workstation, Player, and ACE -
       multiple vulnerabilities 
Date:  20 September 2007
URL:   http://www.auscert.org.au/8107

Title: AU-2007.0021 -- AusCERT Update - [Win][OSX] - Firefox 2.0.0.7 released
       addressing QuickTime browser integration vulnerability 
Date:  19 September 2007
URL:   http://www.auscert.org.au/8096

Title: AA-2007.0079 -- [Win][UNIX/Linux] -- WordPress 2.2.3 release fixed SQL
       injection and script injection vulnerabilities 
Date:  18 September 2007
URL:   http://www.auscert.org.au/8095

Title: AA-2007.0078 -- [Win][UNIX/Linux] -- Apache httpd releases fix six
       vulnerabilities 
Date:  17 September 2007
URL:   http://www.auscert.org.au/8090

Title: AL-2007.0103 -- [Win] -- Trend Micro ServerProtect Multiple
       Vulnerabilities 
Date:  updated 19 September 2007
URL:   http://www.auscert.org.au/7997

Title: AL-2007.0110 -- [Win] -- "Fathers Day" Malicious Emails 
Date:  updated 17 September 2007
URL:   http://www.auscert.org.au/8073


External Security Bulletins:
----------------------------
Title: ESB-2007.0719 -- [HP-UX] -- Previous HP Ignite-UX security fix script
       incorrect - updated script released 
Date:  21 September 2007
OS:    HP-UX 
URL:   http://www.auscert.org.au/8112

Title: ESB-2007.0718 -- [HP-UX] -- HP-UX Running BIND, Remote DNS Cache
       Poisoning 
Date:  updated 21 September 2007
OS:    HP-UX 
URL:   http://www.auscert.org.au/8111

Title: ESB-2007.0717 -- [RedHat] -- Moderate: php security update 
Date:  21 September 2007
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/8110

Title: ESB-2007.0716 -- [Win][Linux][ESX] -- Critical VMware security updates
       also required for VMware ESX Server and VMware Server 
Date:  21 September 2007
OS:    Linux Variants, Windows, Virtualisation
URL:   http://www.auscert.org.au/8109

Title: ESB-2007.0715 -- [Win] -- Multiple vendors affected by Microsoft
       Foundation Class library FindFile() buffer overflow 
Date:  21 September 2007
OS:    Windows
URL:   http://www.auscert.org.au/8108

Title: ESB-2007.0714 -- [Appliance] -- HP Storage Management Appliance (SMA),
       Microsoft Patch Applicability MS07-051 to MS07-054 
Date:  20 September 2007
OS:    Appliance 
URL:   http://www.auscert.org.au/8105

Title: ESB-2007.0713 -- [RedHat] -- Moderate: xorg-x11 security update 
Date:  20 September 2007
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/8104

Title: ESB-2007.0712 -- [Win][UNIX/Linux][RedHat] -- Important: libvorbis
       security update 
Date:  20 September 2007
OS:    UNIX Variants, Windows
URL:   http://www.auscert.org.au/8103

Title: ESB-2007.0711 -- [Linux][RedHat] -- Important: nfs-utils-lib security
       update 
Date:  20 September 2007
OS:    Linux Variants
URL:   http://www.auscert.org.au/8102

Title: ESB-2007.0710 -- [HP-UX] -- HP-UX Running logins(1M), Remote
       Unauthorized Access 
Date:  20 September 2007
OS:    HP-UX 
URL:   http://www.auscert.org.au/8101

Title: ESB-2007.0709 -- [Solaris] -- Security Vulnerability in BIND 8 May
       Allow Cache Poisoning Attack 
Date:  20 September 2007
OS:    Solaris 
URL:   http://www.auscert.org.au/8100

Title: ESB-2007.0708 -- [Cisco] -- The Cisco Adaptive Security Appliance
       insecurely logs passwords 
Date:  19 September 2007
OS:    Cisco Products 
URL:   http://www.auscert.org.au/8099

Title: ESB-2007.0707 -- [HP-UX] -- HP-UX Running Firefox, Remote Unauthorized
       Access or Elevation of Privileges or Denial of Service 
Date:  19 September 2007
OS:    HP-UX 
URL:   http://www.auscert.org.au/8098

Title: ESB-2007.0706 -- [RedHat] -- Important: openoffice.org security update 
Date:  19 September 2007
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/8097

Title: ESB-2007.0705 -- [Debian] -- New OpenOffice.org packages fix arbitrary
       code execution 
Date:  18 September 2007
OS:    Debian GNU/Linux 
URL:   http://www.auscert.org.au/8092

Title: ESB-2007.0704 -- [Win][UNIX/Linux] -- OpenOffice TIFF File Parsing
       Multiple Integer Overflow Vulnerabilities 
Date:  18 September 2007
OS:    Solaris, Windows, OpenBSD, FreeBSD, Linux Variants, Mac OS X
URL:   http://www.auscert.org.au/8091

Title: ESB-2007.0703 -- [Win] -- HP System Management Homepage (SMH) for
       Windows, Incomplete Update Installation 
Date:  17 September 2007
OS:    Windows 2003, Windows 2000 
URL:   http://www.auscert.org.au/8089

Title: ESB-2007.0650 -- [Win] -- Oracle JInitiator ActiveX control stack
       buffer overflows 
Date:  updated 19 September 2007
OS:    Windows
URL:   http://www.auscert.org.au/8017

Title: ESB-2007.0346 -- [Win][Linux][HP-UX][Solaris][AIX] -- Security
       Vulnerabilities in the SOCKS Module of Sun Java System Web Proxy Server
       4.0 
Date:  updated 19 September 2007
OS:    AIX, HP-UX, Linux Variants, Windows 2000, Windows 2003, Solaris
URL:   http://www.auscert.org.au/7622



===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert at auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================



