[AusNOG] AusCERT Week in Review - Week Ending 13/02/2009 (AUSCERT#20073f686)
Paul Fahey
paul at auscert.org.au
Fri Feb 13 17:30:48 EST 2009
Alerts, Advisories and Updates:
-------------------------------
Title: AA-2009.0017 -- [Win] -- BlackBerry Application Web Loader ActiveX
Control Buffer Overflow
Date: 12 February 2009
URL: http://www.auscert.org.au/10493
Title: AA-2009.0018 -- [Win][UNIX/Linux] -- Multiple vulnerabilities reported
in Tor
Date: 12 February 2009
URL: http://www.auscert.org.au/10494
Title: AA-2009.0019 -- [Win][UNIX/Linux] -- Multiple vulnerabilities reported
in Wireshark
Date: 12 February 2009
URL: http://www.auscert.org.au/10495
Title: AA-2009.0020 -- [Win] -- Access bypass vulnerability reported in Trend
Micro Interscan Web Security Suite
Date: 12 February 2009
URL: http://www.auscert.org.au/10496
Title: AL-2009.0126 -- [UNIX/Linux] -- Squid Proxy Cache Security Update
Advisory
Date: 11 February 2009
URL: http://www.auscert.org.au/10464
Title: AL-2009.0012 -- [Win] -- MS09-002 - Cumulative Security Update for
Internet Explorer
Date: 11 February 2009
URL: http://www.auscert.org.au/10477
Title: AL-2009.0013 -- [Win] -- MS09-003 - Vulnerabilities in Microsoft
Exchange Could Allow Remote Code Execution
Date: 11 February 2009
URL: http://www.auscert.org.au/10478
Title: AL-2009.0011 -- [Win] -- Microsoft Bulletin Notification - February
Pre-release Announcement
Date: 09 February 2009
URL: http://www.auscert.org.au/10476
Title: AL-2009.0010 -- [Win][UNIX/Linux] -- AREVA e-terrahabitat SCADA systems
vulnerabilities Overview
Date: 08 February 2009
URL: http://www.auscert.org.au/10473
External Security Bulletins:
----------------------------
Title: ESB-2008.1105 -- [Solaris] -- A Security Vulnerability in Solaris
Secure Shell (SSH) May Expose Some Plain Text From Encrypted Traffic
Date: 11 February 2009
OS: Solaris
URL: http://www.auscert.org.au/10163
Title: ESB-2009.0150 -- [Debian] -- New phpmyadmin packages fix arbitrary code
execution
Date: 13 February 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/10501
Title: ESB-2009.0149 -- [Mac][OSX] -- APPLE-SA-2009-02-12 Java for Mac OS X
10.4 Release 8, Java for Mac OS X 10.5 Update 3
Date: 13 February 2009
OS: Mac OS X
URL: http://www.auscert.org.au/10500
Title: ESB-2009.0148 -- [Win] -- APPLE-SA-2009-02-12 Safari 3.2.2 for
Windows
Date: 13 February 2009
OS: Windows XP, Windows Vista
URL: http://www.auscert.org.au/10499
Title: ESB-2009.0147 -- [Mac][OSX] -- APPLE-SA-2009-02-12 Security Update
2009-001
Date: 13 February 2009
OS: Mac OS X
URL: http://www.auscert.org.au/10498
Title: ESB-2009.0146 -- [AIX] -- AIX at information disclosure vulnerability
Date: 12 February 2009
OS: AIX
URL: http://www.auscert.org.au/10497
Title: ESB-2009.0145 -- [Solaris] -- Sun Virtual Desktop Connector 1.0 Patch
127559-03 (WITHDRAWN) for Solaris 10 may Cause SunRay or Sun Secure
Global Desktop Sessions Fail to Connect to Virtual Desktops
Date: 12 February 2009
OS: Solaris
URL: http://www.auscert.org.au/10492
Title: ESB-2009.0144 -- [Solaris] -- Security Vulnerabilities in the libxml2
Library Routines xmlBufferResize() and xmlSAX2Characters() May Lead to
Arbitrary Code Execution or Denial of Service (DoS)
Date: 12 February 2009
OS: Solaris
URL: http://www.auscert.org.au/10491
Title: ESB-2009.0143 -- [Win][Linux][HP-UX][Solaris][AIX] -- A Security
Vulnerability in Sun Java System Directory Server May Allow Specific
Requests to Crash the Directory Server Causing a Denial of Service
(DoS)
Date: 12 February 2009
OS: Solaris, Ubuntu, Debian GNU/Linux, Windows 2003, Windows 2000, Other
Linux Variants, Windows XP, Server 2008, Red Hat Linux, HP-UX, AIX,
Windows Vista
URL: http://www.auscert.org.au/10490
Title: ESB-2009.0142 -- [Debian] -- New gnutls13 packages fix certificate
validation
Date: 12 February 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/10489
Title: ESB-2009.0141 -- [Win][UNIX/Linux] -- Vulnerabilities discovered in
Troll and Advertisement (Drupal third-party modules)
Date: 12 February 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X, HP-UX, AIX,
Windows Vista
URL: http://www.auscert.org.au/10488
Title: ESB-2009.0140 -- [Win][UNIX/Linux] -- DRUPAL CORE - ADMINISTER CONTENT
TYPES PERMISSION
Date: 12 February 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X, HP-UX, AIX,
Windows Vista
URL: http://www.auscert.org.au/10487
Title: ESB-2009.0139 -- [Linux][RedHat] -- Important: kernel security update
Date: 12 February 2009
OS: Ubuntu, Debian GNU/Linux, Other Linux Variants, Red Hat Linux
URL: http://www.auscert.org.au/10486
Title: ESB-2009.0138 -- [RedHat] -- Moderate: vnc security update
Date: 12 February 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/10485
Title: ESB-2009.0137 -- [Win][UNIX/Linux][RedHat] -- Moderate: mod_auth_mysql
security update
Date: 12 February 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X, HP-UX, AIX,
Windows Vista
URL: http://www.auscert.org.au/10484
Title: ESB-2009.0136 -- [UNIX/Linux][RedHat] -- Moderate: netpbm security
update
Date: 12 February 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X,
HP-UX, AIX
URL: http://www.auscert.org.au/10483
Title: ESB-2009.0135 -- [UNIX/Linux][Debian] -- New libpam-krb5 and
libpam-heimdal packages fix local privilege escalation
Date: 12 February 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X,
HP-UX, AIX
URL: http://www.auscert.org.au/10482
Title: ESB-2009.0134 -- [UNIX/Linux][Debian] -- New TYPO3 packages fix several
vulnerabilities
Date: 12 February 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X,
HP-UX, AIX
URL: http://www.auscert.org.au/10481
Title: ESB-2009.0133 -- [Win] -- MS09-005 - Vulnerabilities in Microsoft
Office Visio Could Allow Remote Code Execution
Date: 11 February 2009
OS: Windows 2003, Windows 2000, Windows XP, Server 2008, Windows Vista
URL: http://www.auscert.org.au/10480
Title: ESB-2009.0132 -- [Win] -- MS09-004 - Vulnerability in Microsoft SQL
Server Could Allow Remote Code Execution
Date: 11 February 2009
OS: Windows 2003, Windows 2000, Windows XP, Server 2008, Windows Vista
URL: http://www.auscert.org.au/10479
Title: ESB-2009.0131 -- [Linux] -- SUSE update for kernel
Date: 10 February 2009
OS: Other Linux Variants
URL: http://www.auscert.org.au/10475
Title: ESB-2009.0130 -- [Solaris] -- A number of vulnerabilities have been
identified in Avaya
Date: 10 February 2009
OS: Solaris
URL: http://www.auscert.org.au/10474
Title: ESB-2009.0129 -- [Win][UNIX/Linux][RedHat] -- Important:
gstreamer-plugins-good security update
Date: 09 February 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X, HP-UX, AIX,
Windows Vista
URL: http://www.auscert.org.au/10472
Title: ESB-2009.0128 -- [Win][UNIX/Linux][RedHat] -- Important:
gstreamer-plugins security update
Date: 09 February 2009
OS: Solaris, Ubuntu, Debian GNU/Linux, Windows 2003, Windows 2000, Other
Linux Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X,
Windows Vista
URL: http://www.auscert.org.au/10471
Title: ESB-2009.0127 -- [Appliance] -- Certain HP Printers, and HP Digital
Senders, Remote Unauthorized Access to Files
Date: 09 February 2009
URL: http://www.auscert.org.au/10470
Title: ESB-2009.0126 -- [Win][UNIX/Linux][HP-UX][Solaris] -- HP OpenView
Network Node Manager (OV NNM), Remote Execution of Arbitrary Code
Date: 12 February 2009
OS: Windows Vista, HP-UX, Red Hat Linux, Server 2008, Windows XP, Other
Linux Variants, Windows 2000, Windows 2003, Debian GNU/Linux, Ubuntu,
Solaris
URL: http://www.auscert.org.au/10469
Title: ESB-2009.0125 -- [Win][UNIX/Linux][Debian] -- New boinc packages fix
validation bypass
Date: 09 February 2009
OS: Ubuntu, Debian GNU/Linux, Windows 2003, Windows 2000, Other Linux
Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X, Windows
Vista
URL: http://www.auscert.org.au/10468
Title: ESB-2009.0124 -- [HP-UX] -- HP-UX Running NFS, Local Denial of Service
(DoS)
Date: 09 February 2009
OS: HP-UX
URL: http://www.auscert.org.au/10467
Title: ESB-2009.0123 -- [Solaris] -- Security Vulnerability in the Process
File System
Date: 09 February 2009
OS: Solaris
URL: http://www.auscert.org.au/10466
Title: ESB-2009.0117 -- [HP-UX] -- HP-UX Running IPv6, Remote Denial of
Service (DoS) and Unauthorized Access
Date: 12 February 2009
OS: HP-UX
URL: http://www.auscert.org.au/10452
Title: ESB-2009.0005 -- [Solaris] -- An Issue in the Solaris LDAP Daemon May
Cause the System to Hang
Date: 12 February 2009
OS: Solaris
URL: http://www.auscert.org.au/10297
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================