[AusNOG] AusCERT Week in Review - Week Ending 12/09/2008 (AUSCERT#20073f686)
Paul Fahey
paul at auscert.org.au
Fri Sep 12 16:39:20 EST 2008
Alerts, Advisories and Updates:
-------------------------------
Title: AA-2008.0196 -- [Win] -- Malicious Email Targeting Australians
Date: 12 September 2008
URL: http://www.auscert.org.au/9832
Title: AA-2008.0182 -- [Linux] -- Denial of Service Vulnerability Reported in
Postfix on Linux
Date: 11 September 2008
URL: http://www.auscert.org.au/9785
Title: AA-2008.0185 -- [UNIX/Linux] -- Denial of Service vulnerability
reported in ClamAV
Date: 11 September 2008
URL: http://www.auscert.org.au/9795
Title: AA-2008.0193 -- [Win][UNIX/Linux][OSX] -- Joomla! 1.5.7 released
correcting multiple vulnerabilities
Date: 11 September 2008
URL: http://www.auscert.org.au/9821
Title: AA-2008.0194 -- [Appliance] -- Vulnerability identified in Ingate
Firewall and Ingate SIParator
Date: 11 September 2008
URL: http://www.auscert.org.au/9825
Title: AA-2008.0195 -- [Win][UNIX/Linux] -- Wordpress version 2.6.2 release
now available
Date: 11 September 2008
URL: http://www.auscert.org.au/9826
Title: AA-2008.0188 -- [Win] -- Denial of Service vulnerability reported in
Bind for Windows
Date: 10 September 2008
URL: http://www.auscert.org.au/9800
Title: AL-2008.0093 -- [Win] -- MS08-052 - Vulnerabilities in GDI+ Could Allow
Remote Code Execution
Date: 10 September 2008
URL: http://www.auscert.org.au/9814
Title: AL-2008.0094 -- [Win] -- MS08-053 - Vulnerability in Windows Media
Encoder 9 Could Allow Remote Code Execution
Date: 10 September 2008
URL: http://www.auscert.org.au/9815
Title: AL-2008.0095 -- [Win] -- MS08-054 - Vulnerability in Windows Media
Player Could Allow Remote Code Execution
Date: 10 September 2008
URL: http://www.auscert.org.au/9816
Title: AL-2008.0096 -- [Win] -- MS08-055 - Vulnerability in Microsoft Office
Could Allow Remote Code Execution
Date: 10 September 2008
URL: http://www.auscert.org.au/9817
Title: AL-2008.0097 -- [Win][Mac][OSX] -- QuickTime 7.5.5 released fixing
multiple vulnerabilities
Date: 10 September 2008
URL: http://www.auscert.org.au/9818
Title: AA-2007.0099 -- [Linux] -- Linux kernel vulnerable to multiple denial
of service
Date: 10 September 2008
URL: http://www.auscert.org.au/8337
Title: AA-2008.0191 -- [Win][Linux][HP-UX][Solaris][AIX] -- IBM releases
Fixpack 17 for DB2 Version 8
Date: 09 September 2008
URL: http://www.auscert.org.au/9809
Title: AA-2008.0192 -- [Win][Appliance] -- Nortel releases advisory to address
BIND/DNS vulnerability
Date: 09 September 2008
URL: http://www.auscert.org.au/9810
Title: AA-2008.0186 -- [Win] -- Multiple buffer overflow vulnerabilities in
Novell iPrint Client
Date: 08 September 2008
URL: http://www.auscert.org.au/9798
Title: AA-2008.0187 -- [Win][UNIX/Linux] -- Denial of Service vulnerability
reported in Wireshark
Date: 08 September 2008
URL: http://www.auscert.org.au/9799
External Security Bulletins:
----------------------------
Title: ESB-2007.1024 -- [Solaris] -- Multiple Security Vulnerabilities Within
the GIMP Plugins
Date: 12 September 2008
OS: Solaris
URL: http://www.auscert.org.au/8521
Title: ESB-2008.0873 -- [Solaris] -- Multiple Printing Regressions in Solaris
10
Date: 12 September 2008
OS: Solaris
URL: http://www.auscert.org.au/9831
Title: ESB-2008.0872 -- [Appliance] -- Persistent Reservation Commands
Processed Slowly on Sun StorageTek Arrays May Cause Loss of Access or
Timeouts to Filesystems
Date: 12 September 2008
URL: http://www.auscert.org.au/9830
Title: ESB-2008.0871 -- [HP OpenVMS] -- HP OpenVMS SMGRTL Run Time Library,
Local Authorized User, Gain Privileged Access
Date: 12 September 2008
OS: HP Tru64 UNIX, HP-UX
URL: http://www.auscert.org.au/9829
Title: ESB-2008.0870 -- [Linux][Debian] -- New Linux 2.6.24 packages fix
several vulnerabilities
Date: 12 September 2008
OS: Ubuntu, Debian GNU/Linux, Other Linux Variants, Red Hat Linux
URL: http://www.auscert.org.au/9828
Title: ESB-2008.0869 -- [RedHat] -- Important: libxml2 security update
Date: 12 September 2008
OS: Red Hat Linux
URL: http://www.auscert.org.au/9827
Title: ESB-2008.0868 -- [Debian] -- New freetype packages fix multiple
vulnerabilities
Date: 11 September 2008
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/9824
Title: ESB-2008.0867 -- [RedHat] -- Important: ipa security update
Date: 11 September 2008
OS: Red Hat Linux
URL: http://www.auscert.org.au/9823
Title: ESB-2008.0866 -- [RedHat] -- Moderate: redhat-ds-base security and bug
fix update
Date: 11 September 2008
OS: Red Hat Linux
URL: http://www.auscert.org.au/9822
Title: ESB-2008.0865 -- [Win][UNIX/Linux][Mac][OSX] -- Information disclosure
vulnerability in Apache Tomcat
Date: 11 September 2008
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X, HP-UX, AIX,
Windows Vista
URL: http://www.auscert.org.au/9820
Title: ESB-2008.0864 -- [Solaris] -- Security Vulnerability in GNU tar May
Lead to Arbitrary Code Execution or Denial of Service (DoS)
Date: 10 September 2008
OS: Solaris
URL: http://www.auscert.org.au/9819
Title: ESB-2008.0863 -- [Win] -- Bonjour for Windows 1.0.5 update released
Date: 10 September 2008
OS: Windows 2003, Windows 2000, Windows XP, Server 2008, Windows Vista
URL: http://www.auscert.org.au/9813
Title: ESB-2008.0862 -- [Win][Mac][OSX] -- iTunes 8.0 update released
Date: 10 September 2008
OS: Windows 2003, Windows 2000, Windows XP, Server 2008, Mac OS X, Windows
Vista
URL: http://www.auscert.org.au/9812
Title: ESB-2006.0862 -- [Solaris] -- Security Vulnerability in GIMP(1) May
Lead to Denial of Service (DoS) or Execution of Arbitrary Code
Date: 10 September 2008
OS: Solaris
URL: http://www.auscert.org.au/7001
Title: ESB-2008.0861 -- [Win][Mac][OSX] -- iPod touch v2.1 update released
Date: 10 September 2008
OS: Windows 2003, Windows 2000, Windows XP, Server 2008, Mac OS X, Windows
Vista
URL: http://www.auscert.org.au/9811
Title: ESB-2008.0860 -- [UNIX/Linux] courier-authlib: SQL Injection
vulnerability
Date: 09 September 2008
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, HP-UX, AIX
URL: http://www.auscert.org.au/9807
Title: ESB-2008.0859 -- [Win] -- A vulnerability has been identified in HP
OpenView Select Identity Connectors for Windows
Date: 08 September 2008
OS: Windows 2003, Windows 2000, Windows XP, Server 2008, Windows Vista
URL: http://www.auscert.org.au/9805
Title: ESB-2008.0855 -- [FreeBSD] -- Remote kernel panics on IPv6 connections
Date: 09 September 2008
OS: FreeBSD
URL: http://www.auscert.org.au/9792
Title: ESB-2008.0854 -- [FreeBSD] -- nmount(2) local arbitrary code execution
Date: 09 September 2008
OS: FreeBSD
URL: http://www.auscert.org.au/9791
Title: ESB-2008.0853 -- [FreeBSD] -- amd64 swapgs local privilege escalation
Date: 09 September 2008
OS: FreeBSD
URL: http://www.auscert.org.au/9790
Title: ESB-2008.0770 -- [Solaris] -- Multiple Security Vulnerabilities in the
Adobe Reader may lead to Execution of Arbitrary Code and Overwrite
Arbitrary Files
Date: 12 September 2008
OS: Solaris
URL: http://www.auscert.org.au/9671
Title: ESB-2008.0755 -- [Win][Linux][Solaris] -- Security Vulnerability in
Java Runtime Environment With Applet Caching May Allow Network Access
Restrictions to be Circumvented
Date: 08 September 2008
OS: Windows Vista, Red Hat Linux, Windows XP, Other Linux Variants, Windows
2000, Windows 2003, Debian GNU/Linux, Solaris
URL: http://www.auscert.org.au/8160
Title: ESB-2008.0754 -- [Win][Linux][Solaris] -- Security Vulnerabilities in
Java Runtime Environment May Allow Network Access Restrictions to be
Circumvented
Date: 08 September 2008
OS: Windows Vista, Red Hat Linux, Windows XP, Other Linux Variants, Windows
2000, Windows 2003, Debian GNU/Linux, Solaris
URL: http://www.auscert.org.au/8159
Title: ESB-2008.0663 -- [Solaris] -- Security Vulnerabilities in Tomcat 4.0
Shipped with Solaris 9 and 10
Date: 08 September 2008
OS: Solaris
URL: http://www.auscert.org.au/9527
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================