[AusNOG] AusCERT Week in Review - Week Ending 09/01/2009 (AUSCERT#20073f686)
Paul Fahey
paul at auscert.org.au
Fri Jan 9 16:29:29 EST 2009
Alerts, Advisories and Updates:
-------------------------------
Title: AU-2009.0003 -- AusCERT Update - [Win][Appliance][Solaris] - Updated -
Checkpoint VPN-1 PAT information disclosure
Date: 08 January 2009
URL: http://www.auscert.org.au/10315
Title: AA-2008.0253 -- [Win][UNIX/Linux] -- A vulnerability has been
identified in PHP 5.2.7.
Date: 07 January 2009
URL: http://www.auscert.org.au/10186
Title: AU-2009.0002 -- AusCERT Update - [Debian] - Updated - New xterm
packages fix remote code execution
Date: 07 January 2009
URL: http://www.auscert.org.au/10296
Title: AU-2009.0001 -- AusCERT Update - [Win] - Update to Firefox 2.x
vulnerability on Windows
Date: 06 January 2009
URL: http://www.auscert.org.au/10295
Title: AL-2008.0129 -- [Win][UNIX/Linux] -- A number of vulnerabilities have
been identified in Mozilla Firefox, SeaMonkey and Thunderbird
Date: 05 January 2009
URL: http://www.auscert.org.au/10237
Title: AA-2009.0003 -- [Win][UNIX/Linux] -- Denial of Service vulnerability
in UW IMAP
Date: 05 January 2009
URL: http://www.auscert.org.au/10291
Title: AA-2009.0004 -- [Linux] -- Linux Kernel 2.6.28 Released
Date: 05 January 2009
URL: http://www.auscert.org.au/10292
Title: AA-2008.0261 -- [Win][Linux][Solaris][AIX] -- Various Tivoli products
do not correctly authenticate users who attempt to run SOAP commands
Date: 04 January 2009
URL: http://www.auscert.org.au/10224
External Security Bulletins:
----------------------------
Title: ESB-2009.1163 -- [Solaris] -- Insecure Temporary File Usage
Vulnerability in Sun SNMP Management Agent
Date: 05 January 2009
OS: Solaris
URL: http://www.auscert.org.au/10278
Title: ESB-2009.1160 -- [FreeBSD] -- netgraph / bluetooth privilege
escalation
Date: 05 January 2009
OS: FreeBSD
URL: http://www.auscert.org.au/10272
Title: ESB-2008.1071 -- [Win][Appliance][Solaris] -- Checkpoint VPN-1 PAT
information disclosure
Date: 07 January 2009
OS: Solaris, Server 2008, Windows Vista, Windows 2003, Windows 2000,
Windows XP
URL: http://www.auscert.org.au/10113
Title: ESB-2009.0027 -- [Win][UNIX/Linux] -- Openfire multiple
vulnerabilities
Date: 09 January 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X, HP-UX, AIX,
Windows Vista
URL: http://www.auscert.org.au/10320
Title: ESB-2009.0026 -- [UNIX/Linux] -- Asterisk - Information leak in IAX2
authentication
Date: 09 January 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X,
HP-UX, AIX
URL: http://www.auscert.org.au/10319
Title: ESB-2009.0025 -- [UNIX/Linux][Ubuntu] -- NTP vulnerability
Date: 09 January 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X,
HP-UX, AIX
URL: http://www.auscert.org.au/10318
Title: ESB-2009.0024 -- [RedHat] -- Moderate: bind security update
Date: 09 January 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/10317
Title: ESB-2009.0023 -- [RedHat] -- Important: kernel security update
Date: 09 January 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/10316
Title: ESB-2009.0022 -- [Win] -- CA Service Metric Analysis and CA Service
Level Management smmsnmpd Arbitrary Command Execution
Date: 08 January 2009
OS: Windows 2003, Windows 2000, Windows XP, Server 2008, Windows Vista
URL: http://www.auscert.org.au/10314
Title: ESB-2009.0021 -- [Solaris] -- Multiple Security Vulnerabilities in the
Flash Player Plugin for Solaris
Date: 08 January 2009
OS: Solaris
URL: http://www.auscert.org.au/10313
Title: ESB-2009.0020 -- [FreeBSD] -- OpenSSL incorrectly checks for malformed
signatures
Date: 08 January 2009
OS: FreeBSD
URL: http://www.auscert.org.au/10312
Title: ESB-2009.0019 -- [FreeBSD] -- Cross-site request forgery in
lukemftpd(8)
Date: 08 January 2009
OS: FreeBSD
URL: http://www.auscert.org.au/10311
Title: ESB-2009.0018 -- [Win][UNIX/Linux] -- Project release, Project issue
tracking (Drupal third-party modules) Multiple Vulnerabilities
Date: 08 January 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X, HP-UX, AIX,
Windows Vista
URL: http://www.auscert.org.au/10310
Title: ESB-2009.0017 -- [Win][UNIX/Linux] -- New versions of BIND released to
correct a security vulnerability
Date: 08 January 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X, HP-UX, AIX,
Windows Vista
URL: http://www.auscert.org.au/10309
Title: ESB-2009.0016 -- [Cisco] -- Cisco Global Site Selector Appliances DNS
Vulnerability
Date: 08 January 2009
OS: Cisco Products
URL: http://www.auscert.org.au/10308
Title: ESB-2009.0015 -- [UNIX/Linux][Debian] -- New iceape packages fix
several vulnerabilities
Date: 08 January 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X,
HP-UX, AIX
URL: http://www.auscert.org.au/10307
Title: ESB-2009.0014 -- [UNIX/Linux][Debian] -- New icedove packages fix
several vulnerabilities
Date: 08 January 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X,
HP-UX, AIX
URL: http://www.auscert.org.au/10306
Title: ESB-2009.0013 -- [RedHat] -- Important: xterm and hanterm-xf security
update
Date: 08 January 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/10305
Title: ESB-2009.0012 -- [RedHat] -- Moderate: lcms security update
Date: 08 January 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/10304
Title: ESB-2009.0011 -- [RedHat] -- Moderate: dbus security update
Date: 08 January 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/10303
Title: ESB-2009.0010 -- [UNIX/Linux][RedHat] -- Moderate: gnome-vfs,
gnome-vfs2 security update
Date: 08 January 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X,
HP-UX, AIX
URL: http://www.auscert.org.au/10302
Title: ESB-2009.0009 -- [Win][UNIX/Linux][RedHat] -- Important: openssl
security update
Date: 08 January 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X, HP-UX, AIX,
Windows Vista
URL: http://www.auscert.org.au/10301
Title: ESB-2009.0008 -- [UNIX/Linux][RedHat] -- Moderate: xen security and bug
fix update
Date: 08 January 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Virtualisation, Red Hat
Linux, Mac OS X, HP-UX, AIX
URL: http://www.auscert.org.au/10300
Title: ESB-2009.0007 -- [RedHat] -- Moderate: thunderbird security update
Date: 08 January 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/10299
Title: ESB-2009.0006 -- [Solaris] -- A Security Vulnerability in the NFS
Version 4 Client Within Solaris May Lead to a System Panic
Date: 07 January 2009
OS: Solaris
URL: http://www.auscert.org.au/10298
Title: ESB-2009.0005 -- [Solaris] -- An Issue in the Solaris LDAP Daemon May
Cause the System to Hang
Date: 07 January 2009
OS: Solaris
URL: http://www.auscert.org.au/10297
Title: ESB-2009.0004 -- [RedHat] -- Important: kernel security update
Date: 06 January 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/10294
Title: ESB-2009.0003 -- [UNIX/Linux][Ubuntu] -- Samba vulnerability
Date: 06 January 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X,
HP-UX, AIX
URL: http://www.auscert.org.au/10293
Title: ESB-2009.0002 -- [Debian] -- New Ruby packages fix denial of service
Date: 05 January 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/10290
Title: ESB-2009.0001 -- [UNIX/Linux][Debian] -- New xterm packages fix remote
code execution
Date: 07 January 2009
OS: AIX, HP-UX, Mac OS X, Red Hat Linux, Other Linux Variants, FreeBSD,
OpenBSD, IRIX, Other BSD Variants, Debian GNU/Linux, Ubuntu, HP Tru64
UNIX, Solaris
URL: http://www.auscert.org.au/10289
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================