[AusNOG] AusCERT Week in Review - Week Ending 22/08/2008 (AUSCERT#20073F686)
Matthew Braid
mdb at auscert.org.au
Fri Aug 22 15:07:32 EST 2008
AusCERT Week in Review
22 August 2008
AusCERT in the Media:
---------------------
Papers, Articles and other documents:
-------------------------------------
Web Log Entries:
----------------
Title: Somebody hit the internet 'snooze' button
Date: 22 August 2008
URL: http://www.auscert.org.au/9748
Title: Fedora infrastructure issue
Date: 20 August 2008
URL: http://www.auscert.org.au/9739
Alerts, Advisories and Updates:
-------------------------------
Title: AA-2008.0177 -- [Win][UNIX/Linux] -- Multiple vulnerabilities in Opera
Date: 21 August 2008
URL: http://www.auscert.org.au/9740
Title: AA-2008.0176 -- [Win][UNIX/Linux] -- Authorisation bypass vulnerability
in IBM Websphere Portal
Date: 20 August 2008
URL: http://www.auscert.org.au/9738
Title: AA-2008.0175 -- [UNIX/Linux][Appliance] -- Vulerability in multiple
Avaya products
Date: 19 August 2008
URL: http://www.auscert.org.au/9735
Title: AA-2008.0169 -- [Win] -- Webex Meeting Manager ActiveX control
vulnerability
Date: 18 August 2008
URL: http://www.auscert.org.au/9689
Title: AA-2008.0172 -- [Win][UNIX/Linux] -- New release of Joomla! to correct
a possible administrator compromise vulnerability
Date: 18 August 2008
URL: http://www.auscert.org.au/9727
Title: AA-2008.0173 -- [Win][UNIX/Linux] -- A vulnerability in GnuTLS may
allow a remote attacker to cause a denial of service
Date: 18 August 2008
URL: http://www.auscert.org.au/9732
Title: AA-2008.0174 -- [UNIX/Linux] -- xine-lib 1.1.15 released correcting
several vulnerabilities
Date: 18 August 2008
URL: http://www.auscert.org.au/9733
External Security Bulletins:
----------------------------
Title: ESB-2008.0821 -- [Win][UNIX/Linux] -- PowerDNS Recursor: DNS Cache
Poisoning
Date: 22 August 2008
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X, HP-UX, AIX,
Windows Vista
URL: http://www.auscert.org.au/9747
Title: ESB-2008.0820 -- [UNIX/Linux] -- Format string vulnerability in yelp
Date: 22 August 2008
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, HP-UX, AIX
URL: http://www.auscert.org.au/9746
Title: ESB-2008.0819 -- [NetBSD] -- NetBSD malformed ICMPv6 MLD query crash
Date: 22 August 2008
OS: Other BSD Variants
URL: http://www.auscert.org.au/9745
Title: ESB-2008.0818 -- [Win][UNIX/Linux] -- vBulletin Cross Site Scripting
Vulnerability
Date: 22 August 2008
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X, HP-UX, AIX,
Windows Vista
URL: http://www.auscert.org.au/9744
Title: ESB-2008.0817 -- [Linux][Debian] -- New Linux 2.6.18 packages fix
several vulnerabilities
Date: 22 August 2008
OS: Ubuntu, Debian GNU/Linux, Other Linux Variants, Red Hat Linux
URL: http://www.auscert.org.au/9743
Title: ESB-2008.0816 -- [UNIX/Linux][RedHat] -- Moderate: libxml2 security
update
Date: 22 August 2008
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X,
HP-UX, AIX
URL: http://www.auscert.org.au/9742
Title: ESB-2008.0815 -- [Win][UNIX/Linux] -- Apache Tomcat UTF8 Directory
Traversal Vulnerability
Date: 21 August 2008
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Server 2008, Red Hat Linux, HP-UX, AIX, Windows
Vista
URL: http://www.auscert.org.au/9741
Title: ESB-2008.0814 -- [Solaris] -- Denial of Service Vulnerability in NFSv4
Client Kernel Module
Date: 20 August 2008
OS: Solaris
URL: http://www.auscert.org.au/9737
Title: ESB-2008.0813 -- [Win][Appliance] -- Storage Management Appliance
(SMA), Microsoft Patch Applicability MS08-041 to MS08-051
Date: 20 August 2008
OS: Windows 2000
URL: http://www.auscert.org.au/9736
Title: ESB-2008.0812 -- [Debian] -- New postfix packages fix privilege
escalation
Date: 20 August 2008
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/9734
Title: ESB-2008.0808 -- [Win][Linux][HP-UX][Solaris] -- A Security
Vulnerability in the ftp Subsystem of Sun Java System Web Proxy Server
4.0 May Lead to a Denial of Service (DoS)
Date: 18 August 2008
OS: Windows Vista, HP-UX, Red Hat Linux, Server 2008, Windows XP, Other
Linux Variants, Windows 2000, Windows 2003, Debian GNU/Linux, Ubuntu,
Solaris
URL: http://www.auscert.org.au/9725
Title: ESB-2008.0789 -- [Win][UNIX/Linux] -- Multiple vulnerabilities in Ruby
Date: 18 August 2008
OS: Windows Vista, AIX, HP-UX, Mac OS X, Red Hat Linux, Server 2008,
Windows XP, Other Linux Variants, FreeBSD, Windows 2000, OpenBSD,
Windows 2003, IRIX, Other BSD Variants, Debian GNU/Linux, Ubuntu, HP
Tru64 UNIX, Solaris
URL: http://www.auscert.org.au/9698
Title: ESB-2008.0664 -- [Win][Linux] -- HP System Management Homepage (SMH)
for Linux and Windows, Remote Cross Site Scripting (XSS)
Date: 19 August 2008
OS: Windows Vista, Red Hat Linux, Server 2008, Windows XP, Other Linux
Variants, Windows 2000, Windows 2003, Debian GNU/Linux, Ubuntu
URL: http://www.auscert.org.au/9529
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
More information about the AusNOG
mailing list