[AusNOG] AusCERT Week in Review - Week Ending 14/03/2008 (AUSCERT#20073f686)
Zane Jarvis
zane at auscert.org.au
Fri Mar 14 16:56:30 EST 2008
Hey AusNOG,
This week Microsoft released four critical updates which affected the Office
suites. It was reported that Excel documents were being spammed which actively
exploited one of the vulnerabilities. We did not personally see any of these
Excel files. So if you have been receiving any please feel free to forward
them to us.
Regards,
Zane Jarvis, Computer Security Analyst | Hotline: +61 7 3365 4417
AusCERT, Australia's national CERT | Fax: +61 7 3365 7031
The University of Queensland | WWW: www.auscert.org.au
QLD 4072 Australia | Email: auscert at auscert.org.au
AusCERT in the Media:
---------------------
Telstra, CommBank, DoD in secret cyberwar games
Builder AU, Australia
23 hours ago
http://www.builderau.com.au/news/soa/Telstra-CommBank-DoD-in-secret-cyberwar-games/0,339028227,339286727,00.htm
Internet fraud could cost you thousands: Are you protected?
SmartCompany.com.au, Australia
Mar 12, 2008
http://www.smartcompany.com.au/Premium-Articles/Top-Story/20080312-Internet-fraud-could-cost-you-thousands-Are-you-protected.html
Australia engages allies in cyber warfare
cso.online.com.au, Australia
Mar 12, 2008
http://www.csoonline.com.au/index.php/id;1447007406;fp;16;fpid;1
Analysis: DHS stages cyberwar exercise
United Press International
Mar 10, 2008
http://www.upi.com/International_Security/Emerging_Threats/Analysis/2008/03/10/analysis_dhs_stages_cyberwar_exercise/1908/
Papers, Articles and other documents:
-------------------------------------
Web Log Entries:
----------------
Title: AusCERT is 15!
Date: 09 March 2008
URL: http://www.auscert.org.au/8924
Alerts, Advisories and Updates:
-------------------------------
Title: AL-2008.0030 -- [Win][Cisco][Solaris] -- CiscoWorks Internetwork
Performance Monitor Remote Command Execution Vulnerability
Date: 14 March 2008
URL: http://www.auscert.org.au/8957
Title: AA-2008.0066 -- [UNIX/Linux][OSX] -- Dovecot - multiple vulnerabilities
Date: 14 March 2008
URL: http://www.auscert.org.au/8958
Title: AL-2008.0029 -- [Win][Cisco] -- Cisco Secure Access Control Server for
Windows User-Changeable Password Vulnerabilities
Date: 13 March 2008
URL: http://www.auscert.org.au/8944
Title: AA-2008.0065 -- [BSD] -- Patches released for OpenBSD address a
vulnerability in ppp
Date: 13 March 2008
URL: http://www.auscert.org.au/8949
Title: AL-2008.0027 -- [Win][OSX] -- MS08-016 - Critical Vulnerabilities in
Microsoft Office Could Allow Remote Code Execution (949030)
Date: 12 March 2008
URL: http://www.auscert.org.au/8933
Title: AL-2008.0028 -- [Win] -- MS08-017 - Critical Vulnerabilities in
Microsoft Office Web Components Could Allow Remote Code Execution
(933103)
Date: 12 March 2008
URL: http://www.auscert.org.au/8934
Title: AL-2008.0025 -- [Win][OSX] -- MS08-014 Vulnerabilities in Microsoft
Excel Could Allow Remote Code Execution
Date: 11 March 2008
URL: http://www.auscert.org.au/8931
Title: AL-2008.0026 -- [Win] -- Critical Vulnerability in Microsoft Outlook
Could Allow Remote Code Execution (949031)
Date: 11 March 2008
URL: http://www.auscert.org.au/8932
Title: AL-2008.0024 -- [Win][OSX] -- Microsoft Bulletin Notification - March
Prerelease Announcement
Date: 11 March 2008
URL: http://www.auscert.org.au/8930
Title: AA-2008.0063 -- [Win] -- Panda Security products - multiple
vulnerabilities
Date: 10 March 2008
URL: http://www.auscert.org.au/8925
Title: AA-2008.0064 -- [Win][UNIX/Linux] -- IBM WebSphere MQ Security Bypass
Date: 10 March 2008
URL: http://www.auscert.org.au/8926
Title: AA-2008.0062 -- [Win][Linux][Solaris] -- Sun Java JRE and JDK -
multiple security vulnerabilities
Date: 09 March 2008
URL: http://www.auscert.org.au/8911
External Security Bulletins:
----------------------------
Title: ESB-2008.0268 -- [AIX] -- AIX Perl buffer overflow vulnerability
Date: 14 March 2008
OS: AIX
URL: http://www.auscert.org.au/8956
Title: ESB-2008.0267 -- [AIX] -- AIX Logical Volume Manager buffer overflow
Date: 14 March 2008
OS: AIX
URL: http://www.auscert.org.au/8955
Title: ESB-2008.0266 -- [AIX] -- AIX libc inet_network buffer overflow
Date: 14 March 2008
OS: AIX
URL: http://www.auscert.org.au/8954
Title: ESB-2008.0265 -- [AIX] -- AIX reboot buffer overflow
Date: 14 March 2008
OS: AIX
URL: http://www.auscert.org.au/8953
Title: ESB-2008.0264 -- [AIX] -- AIX nddstat family environment variable error
Date: 14 March 2008
OS: AIX
URL: http://www.auscert.org.au/8952
Title: ESB-2008.0263 -- [AIX] -- AIX lsmcode environment variable error
Date: 14 March 2008
OS: AIX
URL: http://www.auscert.org.au/8951
Title: ESB-2008.0262 -- [AIX] -- AIX kernel multiple security vulnerabilities
Date: 14 March 2008
OS: AIX
URL: http://www.auscert.org.au/8950
Title: ESB-2008.0261 -- [Win][UNIX/Linux] -- Sun Java Server Faces - Cross
Site Scripting May Lead to Elevation of Privileges
Date: 13 March 2008
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Red Hat Linux, Mac OS X, HP-UX, AIX, Windows
Vista
URL: http://www.auscert.org.au/8948
Title: ESB-2008.0260 -- [Win][UNIX/Linux] -- Ubercart (Drupal Third party
module) - Cross site scripting
Date: 13 March 2008
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, FreeBSD, Other Linux Variants, Windows XP,
Red Hat Linux, Mac OS X, HP-UX, AIX, Windows Vista
URL: http://www.auscert.org.au/8947
Title: ESB-2008.0259 -- [Solaris] -- A Security Vulnerability Relating to
Inter-Process Communication (IPC) May Lead to a Denial of Service
Date: 13 March 2008
OS: Solaris
URL: http://www.auscert.org.au/8946
Title: ESB-2008.0258 -- [Solaris] -- Solaris 10 Systems Equipped With e1000g
Drivers May Experience Ethernet Link Flaps
Date: 13 March 2008
OS: Solaris
URL: http://www.auscert.org.au/8945
Title: ESB-2008.0257 -- [Win] -- RealNetworks RealPlayer ActiveX controls
property heap memory corruption
Date: 13 March 2008
OS: Windows 2003, Windows 2000, Windows XP, Windows Vista
URL: http://www.auscert.org.au/8943
Title: ESB-2008.0256 -- [RedHat] -- Important: Red Hat Directory Server 7.1
Service Pack 4 security update
Date: 12 March 2008
OS: Red Hat Linux
URL: http://www.auscert.org.au/8942
Title: ESB-2008.0255 -- [Win][Linux][RedHat][Solaris] -- Sun StorageTek Common
Array Manager (CAM) 6.0.1 May Record an Incorrect IP Address For One of
The Controllers During Array Registration
Date: 12 March 2008
OS: Solaris, Ubuntu, Debian GNU/Linux, Windows 2003, Windows 2000, Other
Linux Variants, Windows XP, Red Hat Linux
URL: http://www.auscert.org.au/8941
Title: ESB-2008.0254 -- [RedHat] -- Moderate: java-1.4.2-bea security update
Date: 12 March 2008
OS: Red Hat Linux
URL: http://www.auscert.org.au/8940
Title: ESB-2008.0253 -- [RedHat] -- Moderate: tomcat security update
Date: 12 March 2008
OS: Red Hat Linux
URL: http://www.auscert.org.au/8939
Title: ESB-2008.0252 -- [HP-UX] -- HPSBUX02316 SSRT071495 rev.1 - HP-UX
running HP CIFS Server (Samba), Remote Execution of Arbitrary Code
Date: 12 March 2008
OS: HP-UX
URL: http://www.auscert.org.au/8938
Title: ESB-2008.0251 -- [Win] -- Symantec Altiris Deployment Server Escalation
of Privileges
Date: 12 March 2008
OS: Windows 2003, Windows 2000, Windows XP, Windows Vista
URL: http://www.auscert.org.au/8937
Title: ESB-2008.0250 -- [Debian] -- New libnet-dns-perl packages fix several
vulnerabilities
Date: 12 March 2008
OS: Ubuntu, Debian GNU/Linux
URL: http://www.auscert.org.au/8936
Title: ESB-2008.0249 -- [Win][UNIX/Linux] -- Adobe Security Bulletins - March
2008
Date: 13 March 2008
OS: Windows ME, Windows Vista, Mac OS X, Windows NT 4, Red Hat Linux,
Windows XP, Other Linux Variants, FreeBSD, Windows 2000, OpenBSD,
Windows 2003, Other BSD Variants, Debian GNU/Linux, Ubuntu, Windows
98/98SE
URL: http://www.auscert.org.au/8935
Title: ESB-2008.0248 -- [Win][UNIX/Linux] -- SAP MaxDB Signedness Error Heap
Corruption Vulnerability
Date: 11 March 2008
OS: Solaris, Ubuntu, Debian GNU/Linux, Other BSD Variants, Windows 2003,
OpenBSD, Windows 2000, FreeBSD, Other Linux Variants, Red Hat Linux,
HP-UX, AIX
URL: http://www.auscert.org.au/8929
Title: ESB-2008.0247 -- [UNIX/Linux] -- SAP MaxDB sdbstarter Privilege
Escalation Vulnerability
Date: 10 March 2008
OS: Solaris, OpenBSD, Other BSD Variants, FreeBSD, HP-UX, Ubuntu, Debian
GNU/Linux, Other Linux Variants, Red Hat Linux, AIX
URL: http://www.auscert.org.au/8928
Title: ESB-2008.0246 -- [Win][UNIX/Linux] -- phpMyAdmin - SQL injection
vulnerability
Date: 11 March 2008
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Red Hat Linux, Mac OS X, HP-UX, AIX, Windows
Vista
URL: http://www.auscert.org.au/8927
Title: ESB-2008.0245 -- [Solaris] -- Solaris Daylight Saving Time (DST) Update
(March 2008)
Date: 10 March 2008
OS: Solaris
URL: http://www.auscert.org.au/8923
Title: ESB-2008.0244 -- [Solaris] -- Solaris ICU 3.2 Library - Multiple
Security Vulnerabilities
Date: 10 March 2008
OS: Solaris
URL: http://www.auscert.org.au/8922
Title: ESB-2008.0243 -- [Linux][Solaris] -- Sun Java Web Console - Security
Vulnerability
Date: 13 March 2008
OS: Red Hat Linux, Other Linux Variants, Debian GNU/Linux, Ubuntu, Solaris
URL: http://www.auscert.org.au/8921
Title: ESB-2008.0242 -- [Win][UNIX/Linux][Debian][OSX] -- New moin packages
fix several vulnerabilities
Date: 10 March 2008
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Red Hat Linux, Mac OS X, HP-UX, AIX, Windows
Vista
URL: http://www.auscert.org.au/8920
Title: ESB-2008.0161 -- [HP-UX] -- HP-UX Running Apache, Remote Cross Site
Scripting (XSS)
Date: 12 March 2008
OS: HP-UX
URL: http://www.auscert.org.au/8814
Title: ESB-2008.0084 -- [HP-UX] -- HP-UX Running ARPA Transport, Remote Denial
of Service (DoS)
Date: 11 March 2008
OS: HP-UX
URL: http://www.auscert.org.au/8689
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
More information about the AusNOG
mailing list