[AusNOG] AusCERT Week in Review - Week Ending 24/04/2009 (AUSCERT#20073f686)
Patrick Mannion
patrick at auscert.org.au
Fri Apr 24 16:54:05 EST 2009
Alerts, Advisories and Updates:
-------------------------------
Title: AA-2009.0101 -- [Win][UNIX/Linux] -- Ruby: Access Privileged Data
Date: 24 April 2009
URL: http://www.auscert.org.au/10878
Title: AL-2009.0035 -- [Win][UNIX/Linux] -- Firefox, Seamonkey and
Thunderbird: Execute Arbitrary Code
Date: 23 April 2009
URL: http://www.auscert.org.au/10869
Title: AL-2009.0027 -- [Win][UNIX/Linux] -- Oracle Critical Patch Update
Pre-release Announcement for April 2009
Date: 22 April 2009
URL: http://www.auscert.org.au/10800
Title: AA-2009.0100 -- [Appliance] -- Nortel Application Gateway: Access
Privileged Data
Date: 22 April 2009
URL: http://www.auscert.org.au/10867
External Security Bulletins:
----------------------------
Title: ESB-2009.0399 -- [Win] -- Citrix XenApp: Reduced Security
Date: 24 April 2009
OS: Windows 2003
URL: http://www.auscert.org.au/10880
Title: ESB-2009.0398 -- [SUSE] -- cups: Execute Arbitrary Code
Date: 23 April 2009
OS: Other Linux Variants
URL: http://www.auscert.org.au/10877
Title: ESB-2009.0397 -- [Linux][Solaris] -- Sun Java System Delegated
Administrator: Cross-site Scripting
Date: 23 April 2009
OS: Solaris, Ubuntu, Debian GNU/Linux, Other Linux Variants, Red Hat Linux
URL: http://www.auscert.org.au/10876
Title: ESB-2009.0396 -- [SUSE] -- udev: Root Compromise
Date: 23 April 2009
OS: Other Linux Variants
URL: http://www.auscert.org.au/10875
Title: ESB-2009.0395 -- [FreeBSD] -- libc: Access Privileged Data
Date: 23 April 2009
OS: FreeBSD
URL: http://www.auscert.org.au/10874
Title: ESB-2009.0394 -- [FreeBSD] -- OpenSSL: Denial of Service
Date: 23 April 2009
OS: FreeBSD
URL: http://www.auscert.org.au/10873
Title: ESB-2009.0393 -- [UNIX/Linux][Debian] -- mahara: Cross-site Scripting
Date: 23 April 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X,
HP-UX, AIX
URL: http://www.auscert.org.au/10872
Title: ESB-2009.0392 -- [RedHat] -- giflib: Execute Arbitrary Code
Date: 23 April 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/10871
Title: ESB-2009.0391 -- [RedHat] -- firefox: Execute Arbitrary Code
Date: 23 April 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/10870
Title: ESB-2009.0390 -- [Win][UNIX/Linux][RedHat] -- seamonkey: Execute
Arbitrary Code
Date: 22 April 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Windows Server 2008, Red Hat Linux, Mac OS X,
HP-UX, AIX, Windows Vista
URL: http://www.auscert.org.au/10868
Title: ESB-2009.0389 -- [Ubuntu] -- APT: Provide Misleading Information
Date: 22 April 2009
OS: Debian GNU/Linux, Ubuntu
URL: http://www.auscert.org.au/10866
Title: ESB-2009.0388 -- [UNIX/Linux][Ubuntu] -- xine-lib: Execute Arbitrary
Code
Date: 22 April 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X,
HP-UX, AIX
URL: http://www.auscert.org.au/10865
Title: ESB-2009.0387 -- [Debian] -- git-core: Increased Privileges
Date: 22 April 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/10864
Title: ESB-2009.0386 -- [Linux][Debian][AIX][Mac][OSX] -- slurm-llnl:
Increased Privileges
Date: 22 April 2009
OS: Ubuntu, Debian GNU/Linux, Other Linux Variants, Red Hat Linux, Mac OS
X, AIX
URL: http://www.auscert.org.au/10863
Title: ESB-2009.0385 -- [OpenSolaris] -- OpenSolaris SCTP Sockets: Denial of
Service
Date: 22 April 2009
OS: Solaris
URL: http://www.auscert.org.au/10862
Title: ESB-2009.0384 -- [Debian] -- php-json-ext: Denial of Service
Date: 21 April 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/10861
Title: ESB-2009.0383 -- [Win][RedHat] -- HP StorageWorks Storage Mirroring:
Execute Arbitrary Code
Date: 21 April 2009
OS: Windows 2003, Windows 2000, Windows XP, Windows Server 2008, Red Hat
Linux, Windows Vista
URL: http://www.auscert.org.au/10860
Title: ESB-2009.0382 -- [Win][UNIX/Linux] -- HP Storage Essentials: Increased
Privileges
Date: 21 April 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Windows Server 2008, Red Hat Linux, Mac OS X,
HP-UX, AIX, Windows Vista
URL: http://www.auscert.org.au/10858
Title: ESB-2009.0381 -- [SUSE] -- SUSE: Execute Arbitrary Code/Commands
Date: 21 April 2009
OS: Other Linux Variants
URL: http://www.auscert.org.au/10857
Title: ESB-2009.0380 -- [Solaris] -- Veritas NetBackup: Increased Privileges
Date: 20 April 2009
OS: Solaris
URL: http://www.auscert.org.au/10856
Title: ESB-2009.0379 -- [UNIX/Linux][Ubuntu] -- Poppler: Execute Arbitrary
Code
Date: 20 April 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X,
HP-UX, AIX
URL: http://www.auscert.org.au/10855
Title: ESB-2009.0378 -- [Win][UNIX/Linux][Debian] -- ejabberd: Cross-site
scripting
Date: 20 April 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Windows Server 2008, Red Hat Linux, Mac OS X,
HP-UX, AIX, Windows Vista
URL: http://www.auscert.org.au/10854
Title: ESB-2009.0376 -- [Win][Linux][HP-UX][Solaris] -- Sun Java System
Directory Server: Multiple Vulnerabilities
Date: 20 April 2009
OS: HP-UX, Red Hat Linux, Windows Server 2008, Other Linux Variants,
Windows 2000, Windows 2003, Debian GNU/Linux, Ubuntu, Solaris
URL: http://www.auscert.org.au/10846
Title: ESB-2009.0374 -- [SUSE] -- udev: Root Compromise
Date: 22 April 2009
OS: Other Linux Variants
URL: http://www.auscert.org.au/10844
Title: ESB-2009.0370 -- [RedHat] -- udev: Root Compromise
Date: 22 April 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/10839
Title: ESB-2009.0369 -- [Debian] -- udev: Root Compromise
Date: 22 April 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/10838
Title: ESB-2009.0365 -- [Linux][Ubuntu] -- udev: Root Compromise
Date: 22 April 2009
OS: Red Hat Linux, Other Linux Variants, Debian GNU/Linux, Ubuntu
URL: http://www.auscert.org.au/10831
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================