[AusNOG] AusCERT Week in Review - Week Ending 26/09/2008 (AUSCERT#20073F686)

Robert Lowe rlowe at auscert.org.au
Fri Sep 26 16:55:29 EST 2008


AusCERT Week in Review
26 September 2008


Alerts, Advisories and Updates:
-------------------------------
Title: AA-2008.0206 -- [Win][UNIX/Linux] -- Gallery packages released
       correctling multiple vulnerabilities 
Date:  25 September 2008
URL:   http://www.auscert.org.au/9877

Title: AU-2008.0019 -- AusCERT Update - [Win][UNIX/Linux] - Additional Mozilla
       advisories and Thunderbird release information 
Date:  25 September 2008
URL:   http://www.auscert.org.au/9897

Title: AL-2008.0099 -- [Win][UNIX/Linux] -- Firefox 3.0.2/2.0.0.17,
       Thunderbird 2.0.0.17 and SeaMonkey 1.1.12 released to correct multiple
       vulnerabilities 
Date:  25 September 2008
URL:   http://www.auscert.org.au/9881

Title: AA-2008.0193 -- [Win][UNIX/Linux][Mac][OSX] -- Joomla! 1.5.7 released
       correcting multiple vulnerabilities 
Date:  24 September 2008
URL:   http://www.auscert.org.au/9821

Title: AA-2008.0205 -- [Win][UNIX/Linux] -- libpng buffer overflow
       vulnerability 
Date:  24 September 2008
URL:   http://www.auscert.org.au/9875

Title: AA-2008.0204 -- [Win] -- CitecSCADA FTP updates and advice 
Date:  23 September 2008
URL:   http://www.auscert.org.au/9873


External Security Bulletins:
----------------------------
Title: ESB-2008.0929 -- [Solaris] -- Multiple Security Vulnerabilities in the
       Solaris Server Extensions may lead to a Denial of Service (DoS)
       condition or allow Execution of Arbitrary Code 
Date:  26 September 2008
OS:    Solaris 
URL:   http://www.auscert.org.au/9904

Title: ESB-2008.0929 -- [Win][UNIX/Linux] -- BitlBee: Security bypass 
Date:  26 September 2008
OS:    Windows 98/98SE, Ubuntu, Debian GNU/Linux, Other BSD Variants, Windows
       2003, OpenBSD, Windows 2000, FreeBSD, Other Linux Variants, Windows XP,
       Server 2008, Red Hat Linux, Windows NT 4, Windows Vista, Windows ME 
URL:   http://www.auscert.org.au/9905

Title: ESB-2008.0928 -- [Solaris] -- Security Vulnerabilities in the Sun Ray
       Device Manager Daemon 
Date:  26 September 2008
OS:    Solaris 
URL:   http://www.auscert.org.au/9903

Title: ESB-2008.0927 -- [Win] -- HP Storage Management Appliance (SMA),
       Microsoft Patch Applicability MS08-052 to MS08-055 
Date:  26 September 2008
OS:    Windows 2000 
URL:   http://www.auscert.org.au/9902

Title: ESB-2008.0926 -- [Solaris] -- Solaris Cluster 3.1 and 3.2 with a
       Solaris rpc.metad Patch May Cause Cluster Node to Hang and metainit(1M)
       to Fail 
Date:  26 September 2008
OS:    Solaris 
URL:   http://www.auscert.org.au/9901

Title: ESB-2008.0925 -- [Win][UNIX/Linux] -- Vulnerabilties in several Drupal
       third-party modules 
Date:  26 September 2008
OS:    HP Tru64 UNIX, Solaris, IRIX, OpenBSD, Other BSD Variants, FreeBSD,
       HP-UX, Ubuntu, Debian GNU/Linux, Other Linux Variants, Red Hat Linux,
       AIX, Server 2008, Windows Vista, Windows 2003, Windows 2000, Windows NT
       4, Windows ME, Windows XP, Windows 98/98SE 
URL:   http://www.auscert.org.au/9900

Title: ESB-2008.0924 -- [Win][UNIX/Linux] -- Symantec Veritas NetBackup
       Administration JAVA GUI Elevation of Privilege 
Date:  26 September 2008
OS:    Solaris, HP Tru64 UNIX, IRIX, Windows 2003, Windows 2000, Other Linux
       Variants, Red Hat Linux, Mac OS X, HP-UX, AIX, Windows Vista 
URL:   http://www.auscert.org.au/9899

Title: ESB-2008.0923 -- [Mac][OSX] -- Java for Mac OS X 10.5 Update 2 
Date:  25 September 2008
OS:    Mac OS X 
URL:   http://www.auscert.org.au/9898

Title: ESB-2008.0922 -- [RedHat] -- Important: kernel security and bug fix
       update 
Date:  25 September 2008
OS:    Ubuntu, Debian GNU/Linux, Other Linux Variants, Red Hat Linux 
URL:   http://www.auscert.org.au/9896

Title: ESB-2008.0921 -- [Cisco] -- Cisco IOS MPLS VPN May Leak Information 
Date:  25 September 2008
OS:    Cisco Products 
URL:   http://www.auscert.org.au/9895

Title: ESB-2008.0920 -- [Cisco] -- Cisco IOS IPS Denial of Service
       Vulnerability 
Date:  25 September 2008
OS:    Cisco Products 
URL:   http://www.auscert.org.au/9894

Title: ESB-2008.0919 -- [Cisco] -- Cisco uBR10012 Series Devices SNMP
       Vulnerability 
Date:  25 September 2008
OS:    Cisco Products 
URL:   http://www.auscert.org.au/9893

Title: ESB-2008.0918 -- [Cisco] -- Multiple Cisco IOS Session Initiation
       Protocol Denial of Service Vulnerabilities 
Date:  25 September 2008
OS:    Cisco Products 
URL:   http://www.auscert.org.au/9892

Title: ESB-2008.0917 -- [Cisco] -- Cisco Unified Communications Manager
       Session Initiation Protocol Denial of Service Vulnerabilities 
Date:  25 September 2008
OS:    Cisco Products 
URL:   http://www.auscert.org.au/9891

Title: ESB-2008.0916 -- [Cisco] -- Cisco IOS Software Firewall Application
       Inspection Control Vulnerability 
Date:  25 September 2008
OS:    Cisco Products 
URL:   http://www.auscert.org.au/9890

Title: ESB-2008.0915 -- [Cisco] -- Cisco IOS NAT Skinny Call Control Protocol
       Vulnerability 
Date:  25 September 2008
OS:    Cisco Products 
URL:   http://www.auscert.org.au/9889

Title: ESB-2008.0914 -- [Cisco] -- Cisco IOS MPLS Forwarding Infrastructure
       Denial of Service Vulnerability 
Date:  25 September 2008
OS:    Cisco Products 
URL:   http://www.auscert.org.au/9888

Title: ESB-2008.0913 -- [Cisco] -- Cisco 10000, uBR10012, uBR7200 Series
       Devices IPC Vulnerability 
Date:  25 September 2008
OS:    Cisco Products 
URL:   http://www.auscert.org.au/9887

Title: ESB-2008.0912 -- [Cisco] -- Multiple Multicast Vulnerabilities in Cisco
       IOS Software 
Date:  25 September 2008
OS:    Cisco Products 
URL:   http://www.auscert.org.au/9886

Title: ESB-2008.0911 -- [Cisco] -- Vulnerability in Cisco IOS While Processing
       SSL Packet 
Date:  25 September 2008
OS:    Cisco Products 
URL:   http://www.auscert.org.au/9885

Title: ESB-2008.0910 -- [RedHat] -- Critical: seamonkey security update 
Date:  25 September 2008
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/9884

Title: ESB-2008.0909 -- [Cisco] -- Cisco IOS Software Layer 2 Tunneling
       Protocol (L2TP) Denial of Service Vulnerability 
Date:  25 September 2008
OS:    Cisco Products 
URL:   http://www.auscert.org.au/9883

Title: ESB-2008.0908 -- [RedHat] -- Critical: firefox security update 
Date:  24 September 2008
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/9882

Title: ESB-2008.0907 -- [Win][UNIX/Linux] -- R: Insecure temporary file
       creation 
Date:  24 September 2008
OS:    Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
       IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
       Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X, HP-UX, AIX,
       Windows Vista 
URL:   http://www.auscert.org.au/9880

Title: ESB-2008.0906 -- [UNIX/Linux][OSX] -- Newsbeuter: User-assisted
       execution of arbitrary code 
Date:  24 September 2008
OS:    Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
       IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X,
       HP-UX, AIX 
URL:   http://www.auscert.org.au/9879

Title: ESB-2008.0905 -- [Linux] -- HAVP: Denial of Service 
Date:  24 September 2008
OS:    Ubuntu, Debian GNU/Linux, Other Linux Variants, Red Hat Linux 
URL:   http://www.auscert.org.au/9878

Title: ESB-2008.0904 -- [UNIX/Linux] -- A heap-based buffer overflow was found
       in GNU ed that allowed context-dependent or user-assisted attackers to
       execute arbitrary code via a long filename 
Date:  24 September 2008
OS:    Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
       IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X,
       HP-UX, AIX 
URL:   http://www.auscert.org.au/9876

Title: ESB-2008.0903 -- [Solaris] -- Solaris 10 Kernel Patches 127111-08 and
       127112-08 May Cause a System Panic From ip_wput_ioctl() 
Date:  24 September 2008
OS:    Solaris 
URL:   http://www.auscert.org.au/9874

Title: ESB-2008.0902 -- [RedHat] -- Low: JBoss Enterprise Application Platform
       security update 
Date:  24 September 2008
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/9872

Title: ESB-2008.0901 -- [RedHat] -- Important: jbossweb security update 
Date:  23 September 2008
OS:    Red Hat Linux 
URL:   http://www.auscert.org.au/9871

Title: ESB-2008.0900 -- [HP-UX] -- HP-UX Running rpcbind, Remote Denial of
       Service (DoS) 
Date:  23 September 2008
OS:    HP-UX 
URL:   http://www.auscert.org.au/9870

Title: ESB-2008.0899 -- [Win][UNIX/Linux] -- Mantis: Multiple vulnerabilities 
Date:  23 September 2008
OS:    Solaris, HP Tru64 UNIX, Windows 98/98SE, Ubuntu, Debian GNU/Linux,
       Other BSD Variants, IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD,
       Other Linux Variants, Windows XP, Server 2008, Red Hat Linux, Windows
       NT 4, Mac OS X, HP-UX, AIX, Windows Vista, Windows ME 
URL:   http://www.auscert.org.au/9869

Title: ESB-2008.0898 -- [Debian] -- New horde3 packages fix cross site
       scripting 
Date:  23 September 2008
OS:    Debian GNU/Linux 
URL:   http://www.auscert.org.au/9868

Title: ESB-2008.0897 -- [Debian] -- New phpmyadmin packages fix several issues
Date:  23 September 2008
OS:    Debian GNU/Linux 
URL:   http://www.auscert.org.au/9867

Title: ESB-2008.0896 -- [UNIX/Linux][Debian] -- New python-django packages fix
       cross site request forgery 
Date:  23 September 2008
OS:    Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
       IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, HP-UX, AIX
URL:   http://www.auscert.org.au/9866

Title: ESB-2008.0895 -- [Debian] -- New twiki packages execution of arbitrary
       code 
Date:  23 September 2008
OS:    Debian GNU/Linux 
URL:   http://www.auscert.org.au/9865

Title: ESB-2008.0894 -- [Linux][Solaris] -- Security Vulnerability in the
       Logging Output of Sun Java System Access Manager 
Date:  22 September 2008
OS:    Solaris, Red Hat Linux 
URL:   http://www.auscert.org.au/9863

Title: ESB-2008.0893 -- [Win][Linux][Solaris] -- Cross-site Scripting (XSS)
       Vulnerability in the Sun Java System Access Manager Administration
       Console 
Date:  22 September 2008
OS:    Solaris, Windows 2003, Windows 2000, Windows XP, Red Hat Linux 
URL:   http://www.auscert.org.au/9862

Title: ESB-2008.0892 -- [Solaris] -- Security Vulnerability in the ACL
       (acl(2)) Implementation for UFS File Systems May Allow a Local User to
       Panic the System 
Date:  22 September 2008
OS:    Solaris 
URL:   http://www.auscert.org.au/9861

Title: ESB-2008.0891 -- [VMware ESX][Linux] -- Updated ESXi and ESX 3.5
       packages address critical security issue in openwsman 
Date:  22 September 2008
OS:    Virtualisation, Ubuntu, Debian GNU/Linux, Other Linux Variants, Red Hat
       Linux 
URL:   http://www.auscert.org.au/9860

Title: ESB-2008.0890 -- [Win] -- ISC Advisory: BIND 9.3.5-P2-W2 is now
       available 
Date:  22 September 2008
OS:    Windows 98/98SE, Windows 2003, Windows 2000, Windows XP, Server 2008,
       Windows NT 4, Windows Vista, Windows ME 
URL:   http://www.auscert.org.au/9859

Title: ESB-2008.0884 -- [Win][UNIX/Linux] -- phpMyAdmin security announcement
       PMASA-2008-7 
Date:  23 September 2008
OS:    Windows Vista, AIX, HP-UX, Mac OS X, Red Hat Linux, Server 2008,
       Windows XP, Other Linux Variants, FreeBSD, Windows 2000, OpenBSD,
       Windows 2003, IRIX, Other BSD Variants, Debian GNU/Linux, Ubuntu, HP
       Tru64 UNIX, Solaris 
URL:   http://www.auscert.org.au/9844

Title: ESB-2008.0883 -- [Win] -- InstallShield / Macrovision / Acresso FLEXnet
       Connect insecurely retrieves and executes scripts 
Date:  24 September 2008
OS:    Windows Vista, Server 2008, Windows XP, Windows 2000, Windows 2003 
URL:   http://www.auscert.org.au/9843

Title: ESB-2008.0871 -- [HP OpenVMS] -- HP OpenVMS SMGRTL Run Time Library,
       Local Authorized User, Gain Privileged Access 
Date:  26 September 2008
OS:    HP-UX, HP Tru64 UNIX 
URL:   http://www.auscert.org.au/9829

Title: ESB-2008.0848 -- [Win][UNIX/Linux][Debian] -- New wordnet packages fix
       arbitrary code execution 
Date:  23 September 2008
OS:    Windows Vista, AIX, HP-UX, Mac OS X, Red Hat Linux, Server 2008,
       Windows XP, Other Linux Variants, FreeBSD, Windows 2000, OpenBSD,
       Windows 2003, IRIX, Other BSD Variants, Debian GNU/Linux, Ubuntu, HP
       Tru64 UNIX, Solaris 
URL:   http://www.auscert.org.au/9779

Title: ESB-2008.0846 -- [Win][VMware ESX][Linux] -- Updates to VMware
       Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX
       address information disclosure, privilege escalation and other security
       issues 
Date:  23 September 2008
OS:    Windows Vista, Red Hat Linux, Server 2008, Virtualisation, Windows XP,
       Other Linux Variants, Windows 2000, Windows 2003, Debian GNU/Linux,
       Ubuntu 
URL:   http://www.auscert.org.au/9775

Title: ESB-2008.0797 -- [VMware ESX] -- Updated ESX packages for OpenSSL,
       net-snmp, perl 
Date:  23 September 2008
OS:    Virtualisation 
URL:   http://www.auscert.org.au/9713

Title: ESB-2008.0741 -- [Win][UNIX/Linux][Debian] -- New python-dns packages
       fix DNS response spoofing 
Date:  23 September 2008
OS:    Windows Vista, AIX, HP-UX, Mac OS X, Red Hat Linux, Server 2008,
       Windows XP, Other Linux Variants, FreeBSD, Windows 2000, OpenBSD,
       Windows 2003, IRIX, Other BSD Variants, Debian GNU/Linux, Ubuntu, HP
       Tru64 UNIX, Solaris 
URL:   http://www.auscert.org.au/9637



===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert at auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================






More information about the AusNOG mailing list