[AusNOG] AusCERT Week in Review - Week Ending 24/12/2008 (AUSCERT#20073f686)
Paul Fahey
paul at auscert.org.au
Wed Dec 24 17:31:55 EST 2008
Alerts, Advisories and Updates:
-------------------------------
Title: AA-2008.0265 -- [Win] -- Trend Micro HouseCall Server Edition 6.6
Active X control could allow running of arbitrary code
Date: 23 December 2008
URL: http://www.auscert.org.au/10265
Title: AU-2008.0028 -- AusCERT Update - [Win] - Vulnerability in Microsoft
SQL
Server Could Allow Remote Code Execution
Date: 23 December 2008
URL: http://www.auscert.org.au/10274
Title: AA-2008.0266 -- [Win] -- Vulnerability in Microsoft SQL Server Could
Allow Remote Code Execution
Date: 22 December 2008
URL: http://www.auscert.org.au/10273
Title: AU-2008.0027 -- AusCERT Update - [Solaris] - Multiple Printing
Regressions in Solaris 10
Date: 22 December 2008
URL: http://www.auscert.org.au/10261
Title: AA-2008.0263 -- [Win][UNIX/Linux] -- A number of vulnerabilities have
been identified in Opera prior to version 9.63
Date: 22 December 2008
URL: http://www.auscert.org.au/10245
Title: AU-2008.0026 -- AusCERT Update - [Debian] - New perl packages fix
privilege escalation
Date: 22 December 2008
URL: http://www.auscert.org.au/10260
Title: AA-2008.0264 -- [Win][Netware][UNIX/Linux] -- Malformed CAB files may
crash Sophos Anti-virus
Date: 22 December 2008
URL: http://www.auscert.org.au/10264
External Security Bulletins:
----------------------------
Title: ESB-2008.1160 -- [FreeBSD] -- netgraph / bluetooth privilege
escalation
Date: 23 December 2008
OS: FreeBSD
URL: http://www.auscert.org.au/10272
Title: ESB-2008.1159 -- [FreeBSD] -- Cross-site request forgery in ftpd(8)
Date: 23 December 2008
OS: FreeBSD
URL: http://www.auscert.org.au/10271
Title: ESB-2008.1158 -- [Win][Appliance] -- Storage Management Appliance
(SMA), Microsoft Patch Applicability MS08-078
Date: 23 December 2008
OS: Windows 2003, Windows 2000, Windows XP, Server 2008, Windows Vista
URL: http://www.auscert.org.au/10270
Title: ESB-2008.1157 -- [Win][UNIX/Linux][Ubuntu] -- Blender vulnerabilities
Date: 23 December 2008
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, Windows 2000, FreeBSD, Other Linux Variants, Windows
XP,
Server 2008, Red Hat Linux, Mac OS X, HP-UX, AIX, Windows Vista
URL: http://www.auscert.org.au/10269
Title: ESB-2008.1156 -- [UNIX/Linux] -- Nagios and Nagios3 vulnerabilities
Date: 23 December 2008
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS
X,
HP-UX, AIX
URL: http://www.auscert.org.au/10268
Title: ESB-2008.1155 -- [Win][UNIX/Linux] -- New moodle packages fix several
vulnerabilities
Date: 23 December 2008
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Server 2008, Red Hat Linux, HP-UX, AIX, Windows
Vista
URL: http://www.auscert.org.au/10267
Title: ESB-2008.1154 -- [Debian] -- New avahi packages fix denial of service
Date: 23 December 2008
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/10266
Title: ESB-2008.1153 -- [Solaris] -- A Lack of Root Filesystem Space When
Installing Solaris 10 Kernel Patch 137137-09/137138-09 May Render
Systems Unbootable
Date: 22 December 2008
OS: Solaris
URL: http://www.auscert.org.au/10263
Title: ESB-2008.1152 -- [Solaris] -- A Security Vulnerability in the Solaris
Name Service Cache Daemon (nscd(1M)) May Allow Unauthorized Access to
Data and Escalation of Privileges
Date: 24 December 2008
OS: Solaris
URL: http://www.auscert.org.au/10262
Title: ESB-2008.1151 -- [Debian] -- New courier-authlib packages fix SQL
injection
Date: 23 December 2008
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/10259
Title: ESB-2008.1150 -- [Win][Appliance] -- Storage Management Appliance
(SMA), Microsoft Patch Applicability MS08-070 to MS08-077
Date: 22 December 2008
OS: Windows 2003, Windows 2000, Server 2008
URL: http://www.auscert.org.au/10258
Title: ESB-2008.1149 -- [Debian] -- New proftpd-dfsg packages fix Cross-Site
Request Forgery
Date: 22 December 2008
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/10257
Title: ESB-2008.1148 -- [RedHat] -- Critical: flash-plugin security update
Date: 22 December 2008
OS: Red Hat Linux
URL: http://www.auscert.org.au/10256
Title: ESB-2008.1142 -- [Solaris] -- Security Vulnerability in Solaris IP
Tunnel Parameter Processing May Lead to a System Panic or Possible
Execution of Arbitrary Code by Unprivileged Users
Date: 22 December 2008
OS: Solaris
URL: http://www.auscert.org.au/10248
Title: ESB-2008.1112 -- [UNIX/Linux][Ubuntu] -- Vinagre vulnerability
Date: 22 December 2008
OS: AIX, HP-UX, Mac OS X, Red Hat Linux, Other Linux Variants, FreeBSD,
OpenBSD, IRIX, Other BSD Variants, Debian GNU/Linux, Ubuntu, HP Tru64
UNIX, Solaris
URL: http://www.auscert.org.au/10194
Title: ESB-2008.1085 -- [Win][UNIX/Linux][Debian] -- New perl packages fix
privilege escalation
Date: 22 December 2008
OS: AIX, HP-UX, Mac OS X, Red Hat Linux, Other Linux Variants, FreeBSD,
OpenBSD, IRIX, Other BSD Variants, Debian GNU/Linux, Ubuntu, HP Tru64
UNIX, Solaris
URL: http://www.auscert.org.au/10134
Title: ESB-2008.0873 -- [Solaris] -- Multiple Printing Regressions in
Solaris
10
Date: 22 December 2008
OS: Solaris
URL: http://www.auscert.org.au/9831
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20081224/8a02064d/attachment.html>
More information about the AusNOG
mailing list