[AusNOG] AusCERT Week in Review - Week Ending 03/10/2008 (AUSCERT#20073F686)
Matthew Braid
mdb at auscert.org.au
Fri Oct 3 16:20:43 EST 2008
AusCERT Week in Review
03 October 2008
AusCERT in the Media:
---------------------
Papers, Articles and other documents:
-------------------------------------
Web Log Entries:
----------------
Alerts, Advisories and Updates:
-------------------------------
Title: AA-2008.0106 -- [Win][UNIX/Linux] -- Privilege escalation vulnerability
reported in MySQL
Date: 01 October 2008
URL: http://www.auscert.org.au/9266
Title: AA-2008.0207 -- [UNIX/Linux] -- Cross-site request forgery
vulnerability in ProFTPD
Date: 29 September 2008
URL: http://www.auscert.org.au/9907
Title: AA-2008.0208 -- [UNIX/Linux] -- Vulnerabilities in lighttpd 1.4 may
allow attackers to access sensitive information
Date: 29 September 2008
URL: http://www.auscert.org.au/9908
External Security Bulletins:
----------------------------
Title: ESB-2008.0942 -- [Win][Mac][OSX] -- Apple TV 2.2
Date: 03 October 2008
OS: Windows 2003, Windows XP, Server 2008, Mac OS X, Windows Vista
URL: http://www.auscert.org.au/9922
Title: ESB-2008.0941 -- [RedHat] -- Important: tomcat security update
Date: 03 October 2008
OS: Red Hat Linux
URL: http://www.auscert.org.au/9921
Title: ESB-2008.0940 -- [Appliance] -- Cross-site scripting vulnerability in
ICAP Patience page
Date: 03 October 2008
URL: http://www.auscert.org.au/9920
Title: ESB-2008.0939 -- [UNIX/Linux][RedHat] -- Moderate: pam_krb5 security
update
Date: 03 October 2008
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, HP-UX, AIX
URL: http://www.auscert.org.au/9919
Title: ESB-2008.0938 -- [Solaris] -- Solaris 10 fifofs Patches 127737-02 and
127738-02 WITHDRAWN, May Cause a System Panic
Date: 03 October 2008
OS: Solaris
URL: http://www.auscert.org.au/9918
Title: ESB-2008.0937 -- [Win][UNIX/Linux] -- Moderate: thunderbird security
update
Date: 02 October 2008
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X, HP-UX, AIX,
Windows Vista
URL: http://www.auscert.org.au/9917
Title: ESB-2008.0936 -- [UNIX/Linux][RedHat] -- Important: xen security and
bug fix update
Date: 02 October 2008
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, HP-UX, AIX
URL: http://www.auscert.org.au/9916
Title: ESB-2008.0935 -- [UNIX/Linux][FreeBSD] -- IPv6 Neighbor Discovery
Protocol routing vulnerability
Date: 02 October 2008
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, HP-UX, AIX
URL: http://www.auscert.org.au/9915
Title: ESB-2008.0934 -- [RedHat] -- Moderate: wireshark security update
Date: 02 October 2008
OS: Red Hat Linux
URL: http://www.auscert.org.au/9914
Title: ESB-2008.0933 -- [Win] -- Vulnerability in Citrix Presentation Server
for Windows could result in privilege escalation
Date: 01 October 2008
OS: Windows 2003, Windows 2000
URL: http://www.auscert.org.au/9912
Title: ESB-2008.0932 -- [Win] -- phpMyAdmin security announcement PMASA-2008-8
Date: 30 September 2008
OS: Windows 2003, Windows 2000, Windows XP, Server 2008, Windows Vista
URL: http://www.auscert.org.au/9911
Title: ESB-2008.0931 -- [Win][Linux] -- HP Insight Diagnostics, Remote
Unauthorized Access to Files
Date: 30 September 2008
OS: Ubuntu, Debian GNU/Linux, Windows 2003, Windows 2000, Server 2008, Red
Hat Linux
URL: http://www.auscert.org.au/9910
Title: ESB-2008.0930 -- [Win] -- ABB PCU400 vulnerable to stack overflow
Date: 29 September 2008
OS: Windows 2003, Windows XP, Server 2008, Windows Vista
URL: http://www.auscert.org.au/9909
Title: ESB-2008.0929 -- [Solaris] -- Multiple Security Vulnerabilities in the
Solaris Server Extensions may lead to a Denial of Service (DoS)
condition or allow Execution of Arbitrary Code
Date: 02 October 2008
OS: Solaris
URL: http://www.auscert.org.au/9904
Title: ESB-2008.0892 -- [Solaris] -- Security Vulnerability in the ACL
(acl(2)) Implementation for UFS File Systems May Allow a Local User to
Panic the System
Date: 29 September 2008
OS: Solaris
URL: http://www.auscert.org.au/9861
Title: ESB-2008.0890 -- [Win] -- ISC Advisory: BIND 9.3.5-P2-W2 is now
available
Date: 29 September 2008
OS: Windows ME, Windows Vista, Windows NT 4, Server 2008, Windows XP,
Windows 2000, Windows 2003, Windows 98/98SE
URL: http://www.auscert.org.au/9859
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
More information about the AusNOG
mailing list