[AusNOG] AusCERT Week in Review - Week Ending 07/08/2009 (AUSCERT#20073F686)
Jonathan Levine
jonathan at auscert.org.au
Fri Aug 7 16:56:56 EST 2009
AusCERT Week in Review
07 August 2009
Web Log Entries:
----------------
Title: Firefox updates available
Date: 05 August 2009
URL: http://www.auscert.org.au/11422
Alerts, Advisories and Updates:
-------------------------------
Title: ASB-2009.1043.3 - UPDATE [Appliance] BIG-IP: Denial of service -
Remote/unauthenticated
Date: 07 August 2009
URL: http://www.auscert.org.au/11429
Title: AA-2008.0264 -- [Win][Netware][UNIX/Linux] -- Malformed CAB files may
crash Sophos Anti-virus
Date: 06 August 2009
URL: http://www.auscert.org.au/10264
Title: ASB-2009.1042 - [Linux] strongSwan 2.8.10 and prior: Denial of
service - Remote/unauthenticated
Date: 05 August 2009
URL: http://www.auscert.org.au/11428
Title: ASB-2009.1040.3 - UPDATE [Win][UNIX/Linux] Firefox 3.5.1 & 3.0.12:
Multiple vulnerabilities
Date: 05 August 2009
URL: http://www.auscert.org.au/11419
Title: ASB-2009.1041 - [Win][UNIX/Linux] Wordpress 2.8.1 and prior: Multiple
vulnerabilities
Date: 04 August 2009
URL: http://www.auscert.org.au/11420
Title: ASB-2009.1026.4 - UPDATED ALERT [Win][UNIX/Linux] Adobe Flash, Adobe
Acrobat and Adobe Reader: Multiple vulnerabilities
Date: 03 August 2009
URL: http://www.auscert.org.au/11356
Title: ASB-2009.1037 - [Win][UNIX/Linux] Joomla!: Reduced security -
Existing account
Date: 03 August 2009
URL: http://www.auscert.org.au/11415
Title: ASB-2009.1038 - ALERT [Win][UNIX/Linux] SquirrelMail plugins: Access
confidential data - Remote/unauthenticated
Date: 03 August 2009
URL: http://www.auscert.org.au/11416
Title: ASB-2009.1039 - [Win][UNIX/Linux] MySQL: Denial of service - Existing
account
Date: 03 August 2009
URL: http://www.auscert.org.au/11417
External Security Bulletins:
----------------------------
Title: ESB-2009.1147 - [HP OpenVMS] BIND: Denial of service -
Remote/unauthenticated
Date: 07 August 2009
OS: HP Tru64 UNIX, HP-UX
URL: http://www.auscert.org.au/11442
Title: ESB-2009.1146 - [Win][Linux][Solaris][Mac][OSX] Sun VirtualBox:
Denial of service - Existing account
Date: 07 August 2009
OS: Solaris, Red Hat Linux, Windows 2003, Windows XP, SUSE, Windows 2000,
Windows Vista, Mac OS X, Windows Server 2008, Other Linux Variants,
Ubuntu, Debian GNU/Linux
URL: http://www.auscert.org.au/11441
Title: ESB-2009.1145 - [Win][Linux][HP-UX][Solaris] Sun Java System Access
Manager and OpenSSO Enterprise: Unauthorised access -
Remote/unauthenticated
Date: 07 August 2009
OS: Solaris, Red Hat Linux, Windows 2003, HP-UX, Windows XP, SUSE,
Windows 2000, Windows Vista, Windows Server 2008, Other Linux Variants,
Ubuntu, Debian GNU/Linux
URL: http://www.auscert.org.au/11440
Title: ESB-2009.1144 - [RedHat] Sun Java and IBM Java: Multiple
vulnerabilities
Date: 07 August 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/11439
Title: ESB-2009.1143 - [Solaris][OpenSolaris] XScreenSaver: Access
privileged data - Console/physical
Date: 07 August 2009
OS: Solaris
URL: http://www.auscert.org.au/11438
Title: ESB-2009.1142 - [UNIX/Linux] fetchmail prior to 6.3.11: Provide
misleading information - Remote/unauthenticated
Date: 07 August 2009
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/11437
Title: ESB-2009.1141 - [Win][UNIX/Linux] XML libraries: Multiple
vulnerabilities
Date: 07 August 2009
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Mac OS X,
Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD Variants, SUSE,
OpenBSD, Windows 2000, AIX, Windows Vista, FreeBSD, Other Linux
Variants, Windows Server 2008
URL: http://www.auscert.org.au/11436
Title: ESB-2009.1140 - [UNIX/Linux][Debian] gst-plugins-bad0.10: Denial of
service - Remote with user interaction
Date: 07 August 2009
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/11435
Title: ESB-2009.1139 - [SUSE] Mozilla Firefox: Multiple vulnerabilities
Date: 07 August 2009
OS: SUSE
URL: http://www.auscert.org.au/11434
Title: ESB-2009.1138 - ALERT [Mac][OSX] Mac OS X prior to v10.5.8: Multiple
vulnerabilities
Date: 06 August 2009
OS: Mac OS X
URL: http://www.auscert.org.au/11433
Title: ESB-2009.1137 - [SUSE][OpenSUSE] flash-player package: Execute
arbitrary code/commands - Remote with user interaction
Date: 06 August 2009
OS: SUSE
URL: http://www.auscert.org.au/11432
Title: ESB-2009.1136 - [Win][UNIX/Linux] Webform report (Drupal third-party
module): Cross-site scripting - Remote with user interaction
Date: 06 August 2009
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Mac OS X,
Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD Variants, SUSE,
OpenBSD, Windows 2000, AIX, Windows Vista, FreeBSD, Other Linux
Variants, Windows Server 2008
URL: http://www.auscert.org.au/11431
Title: ESB-2009.1135 - [AIX] BIND 9: Denial of service -
Remote/unauthenticated
Date: 06 August 2009
OS: AIX
URL: http://www.auscert.org.au/11430
Title: ESB-2009.1134 - [AIX] XL C++ runtime library: Multiple
vulnerabilities
Date: 05 August 2009
OS: AIX
URL: http://www.auscert.org.au/11427
Title: ESB-2009.1133 - [Solaris][OpenSolaris] libtiff: Execute arbitrary
code/commands - Remote with user interaction
Date: 05 August 2009
OS: Solaris
URL: http://www.auscert.org.au/11426
Title: ESB-2009.1132.2 - UPDATED ALERT [Win][Linux][Solaris] Sun Java:
Multiple vulnerabilities
Date: 07 August 2009
OS: Debian GNU/Linux, Ubuntu, Other Linux Variants, Windows Server 2008,
Windows Vista, Windows 2000, SUSE, Windows XP, Windows 2003, Red Hat
Linux, Solaris
URL: http://www.auscert.org.au/11425
Title: ESB-2009.1131 - [RedHat] kernel: Multiple vulnerabilities
Date: 05 August 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/11424
Title: ESB-2009.1130 - [UNIX/Linux][Debian] libmodplug: Multiple
vulnerabilities
Date: 05 August 2009
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Mac OS X, Ubuntu, Debian
GNU/Linux, HP-UX, Other BSD Variants, SUSE, OpenBSD, AIX, FreeBSD,
Other Linux Variants
URL: http://www.auscert.org.au/11423
Title: ESB-2009.1129 - [Win][UNIX/Linux] Bugzilla prior to 3.4.1: Access
privileged data - Existing account
Date: 04 August 2009
OS: IRIX, HP Tru64 UNIX, Solaris, Red Hat Linux, Windows 2003, Mac OS X,
Ubuntu, Debian GNU/Linux, HP-UX, Windows XP, Other BSD Variants, SUSE,
OpenBSD, Windows 2000, AIX, Windows Vista, FreeBSD, Other Linux
Variants, Windows Server 2008
URL: http://www.auscert.org.au/11421
Title: ESB-2009.1128 - [Win][RedHat][HP-UX][SUSE] HP Serviceguard Manager:
Multiple vulnerabilities
Date: 04 August 2009
OS: Red Hat Linux, Windows 2003, HP-UX, Windows XP, SUSE, Windows 2000,
Windows Vista, Windows Server 2008, Novell Netware
URL: http://www.auscert.org.au/11418
Title: ESB-2009.1127.2 - UPDATE [Solaris][OpenSolaris] Solaris Trusted
Extensions: Denial of service - Existing account
Date: 04 August 2009
OS: Solaris
URL: http://www.auscert.org.au/11414
Title: ESB-2009.1126 - [Solaris][OpenSolaris] BIND: Denial of service -
Remote/unauthenticated
Date: 03 August 2009
OS: Solaris
URL: http://www.auscert.org.au/11413
Title: ESB-2009.1125 - [Appliance] iPhone: Execute arbitrary code/commands -
Remote/unauthenticated
Date: 03 August 2009
URL: http://www.auscert.org.au/11412
Title: ESB-2009.1124.2 - UPDATE [Debian] znc: Create arbitrary files -
Existing account
Date: 05 August 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/11411
Title: ESB-2009.1123 - [Debian] xml-security-c: Provide misleading
information - Remote/unauthenticated
Date: 03 August 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/11410
Title: ESB-2009.1122 - [RedHat] flash-plugin: Multiple vulnerabilities
Date: 03 August 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/11409
Title: ESB-2009.1121.2 - UPDATE [Win][UNIX/Linux][RedHat] Red Hat: Multiple
vulnerabilities
Date: 03 August 2009
OS: HP Tru64 UNIX, Solaris, IRIX, OpenBSD, Other BSD Variants, FreeBSD,
HP-UX, SUSE, Ubuntu, Debian GNU/Linux, Other Linux Variants, Red Hat
Linux, AIX, Windows Server 2008, Windows Vista, Windows 2003, Windows
2000, Windows XP, Mac OS X
URL: http://www.auscert.org.au/11407
Title: ESB-2009.1107.2 - UPDATE [Win][UNIX/Linux] Firebird SQL: Denial of
service - Remote/unauthenticated
Date: 04 August 2009
OS: Other Linux Variants, Windows Server 2008, FreeBSD, Windows Vista, AIX,
Windows 2000, OpenBSD, SUSE, Other BSD Variants, Windows XP, HP-UX,
Debian GNU/Linux, Ubuntu, Mac OS X, Windows 2003, Red Hat Linux, HP
Tru64 UNIX, Solaris, IRIX
URL: http://www.auscert.org.au/11388
Title: ESB-2009.1061.2 - UPDATE [Debian] tiff: Multiple vulnerabilities
Date: 05 August 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/11312
Title: ESB-2007.0036 -- [HP-UX] -- HPSBUX02181 SSRT061289 rev.1 - HP-UX
Running IPFilter, Remote Unauthorized Denial of Service (DoS)
Date: 04 August 2009
OS: HP-UX
URL: http://www.auscert.org.au/7205
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================