[AusNOG] AusCERT Week in Review - Week Ending 27/06/2008 (AUSCERT#20073F686)
Richard Billington
richard at auscert.org.au
Fri Jun 27 16:23:39 EST 2008
AusCERT Week in Review
27 June 2008
Web Log Entries:
- - ----------------
Title: Whitelisting
Date: 24 June 2008
URL: http://www.auscert.org.au/9498
Alerts, Advisories and Updates:
- - -------------------------------
Title: AA-2008.0142 -- [Appliance] -- Xerox has released 3 security bulletins
detailing vulnerabilities in Copiers, Printers and WorkCentre devices.
Date: 26 June 2008
URL: http://www.auscert.org.au/9510
Title: AL-2008.0078 -- [Win][OSX] -- Security Update available for Adobe
Reader and Acrobat 8.1.2
Date: 25 June 2008
URL: http://www.auscert.org.au/9501
Title: AU-2008.0013 -- AusCERT Update - [Win] - Microsoft Security Bulletin
MS07-042 Re-Release
Date: 25 June 2008
URL: http://www.auscert.org.au/9504
Title: AU-2008.0014 -- AusCERT Update - [UNIX/Linux] - Re-Release of fetchmail
patch for CVE-2008-2711
Date: 25 June 2008
URL: http://www.auscert.org.au/9505
Title: AA-2008.0141 -- [HCM] -- IBM have released PTF MH01110 which contains
security fixes for HMC V6R1.3
Date: 23 June 2008
URL: http://www.auscert.org.au/9495
External Security Bulletins:
- - ----------------------------
Title: ESB-2007.0898 -- [Solaris] -- Multiple Security Vulnerabilities in the
JavaScript Engine in Mozilla 1.7 for Solaris 8, 9 and 10
Date: 23 June 2008
OS: Solaris
URL: http://www.auscert.org.au/8343
Title: ESB-2008.0652 -- [Win] -- Microsoft Internet Explorer 6 contains a
cross-domain vulnerability
Date: 27 June 2008
OS: Windows 2003, Windows 2000, Windows XP, Server 2008, Windows Vista
URL: http://www.auscert.org.au/9513
Title: ESB-2008.0651 -- [Solaris] -- Multiple Security Vulnerabilities in the
Adobe Reader may lead to Execution of Arbitrary Code
Date: 27 June 2008
OS: Solaris
URL: http://www.auscert.org.au/9512
Title: ESB-2008.0650 -- [Debian] -- New dbus packages fix privilege escalation
Date: 27 June 2008
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/9511
Title: ESB-2008.0649 -- [Cisco] -- Cisco Unified Communications Manager Denial
of Service and Authentication Bypass Vulnerabilities
Date: 26 June 2008
OS: Cisco Products
URL: http://www.auscert.org.au/9509
Title: ESB-2008.0648 -- [Cisco] -- Wide Area Application Services (WAAS)
Common UNIX Printing System (CUPS) Vulnerability
Date: 26 June 2008
OS: Cisco Products
URL: http://www.auscert.org.au/9508
Title: ESB-2008.0647 -- [Win][UNIX/Linux] -- Drupal Third Party Module -
Suggested terms vulnerability
Date: 26 June 2008
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X, HP-UX, AIX,
Windows Vista
URL: http://www.auscert.org.au/9507
Title: ESB-2008.0646 -- [Linux][RedHat] -- Important: kernel security and bug
fix update
Date: 26 June 2008
OS: Ubuntu, Debian GNU/Linux, Other Linux Variants, Red Hat Linux
URL: http://www.auscert.org.au/9506
Title: ESB-2008.0645 -- [Linux][RedHat] -- Important: sblim security update
Date: 25 June 2008
OS: Ubuntu, Debian GNU/Linux, Other Linux Variants, Red Hat Linux
URL: http://www.auscert.org.au/9503
Title: ESB-2008.0644 -- [RedHat] -- Moderate: IBMJava2 security update
Date: 25 June 2008
OS: Red Hat Linux
URL: http://www.auscert.org.au/9502
Title: ESB-2008.0643 -- [HP-UX] -- HP-UX running HP CIFS Server (Samba),
Remote Execution of Arbitrary Code
Date: 24 June 2008
OS: HP-UX
URL: http://www.auscert.org.au/9500
Title: ESB-2008.0642 -- [HP-UX] -- HP-UX Running Apache with PHP, Remote
Execution of Arbitrary Code
Date: 24 June 2008
OS: HP-UX
URL: http://www.auscert.org.au/9499
Title: ESB-2008.0641 -- [Win][UNIX/Linux] -- Multiple vulnerabilities in Ruby
may lead to a denial of service (DoS) condition or allow execution of
arbitrary code.
Date: 24 June 2008
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X, HP-UX, AIX,
Windows Vista
URL: http://www.auscert.org.au/9497
Title: ESB-2008.0640 -- [Win][UNIX/Linux] -- An off-by-one error was found in
nasm 2.02.
Date: 24 June 2008
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X, HP-UX, AIX,
Windows Vista
URL: http://www.auscert.org.au/9496
Title: ESB-2008.0639 -- [RedHat] -- Important: freetype security update
Date: 23 June 2008
OS: Red Hat Linux
URL: http://www.auscert.org.au/9494
Title: ESB-2008.0620 -- [Solaris] -- Multiple security vulnerabilities in the
Solaris X Server Extensions may lead to a Denial of Service (DoS)
condition or allow Execution of Arbitrary Code
Date: 23 June 2008
OS: Solaris
URL: http://www.auscert.org.au/9458
Title: ESB-2008.0581 -- [Solaris] -- rpc.ypupdated(1M) may allow execution of
Arbitrary Code when run in Insecure Mode
Date: 25 June 2008
OS: Solaris
URL: http://www.auscert.org.au/9397
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
- -----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
iQCVAwUBSGSGByh9+71yA2DNAQIcWwP/f96skqhKnbKGISq7kAl0ipD1QQUT7FRj
XHnmQy+r2mUGei3f3YP5XltNtIGUmYuYcGjsky3utdoWMF8WCZhcSec8//aZhq3B
sF8L/rLfE4Gi5+pgXiHwTw33u/3McOy6Ex1F/3HowJSEvvhILmB9wgQYazc1YAeZ
55ISazKTDpw=
=hAxR
- -----END PGP SIGNATURE-----
------- End of Forwarded Message
More information about the AusNOG
mailing list