[AusNOG] AusCERT Week in Review - Week Ending 23/01/2009 (AUSCERT#20073f686)
Paul Fahey
paul at auscert.org.au
Fri Jan 23 17:08:20 EST 2009
Alerts, Advisories and Updates:
-------------------------------
Title: AA-2009.0005 -- [Win][Linux][Appliance] -- Vulnerability reported in
multiple BlackBerry products
Date: 23 January 2009
URL: http://www.auscert.org.au/10342
Title: AA-2009.0006 -- [Win][Linux][HP-UX][Solaris][AIX] -- IBM releases new
fix packs for DB2
Date: 22 January 2009
URL: http://www.auscert.org.au/10358
Title: AL-2009.0004 -- [Win] -- A number of vulnerabilities have been
identified in Trend Micro OfficeScan 8.0
Date: 22 January 2009
URL: http://www.auscert.org.au/10399
Title: AL-2009.0005 -- [Cisco] -- Cisco Security Manager Vulnerability
Date: 22 January 2009
URL: http://www.auscert.org.au/10400
Title: AU-2009.0006 -- AusCERT Update - [Debian] - Updated - New phppgadmin
packages fix several vulnerabilities
Date: 21 January 2009
URL: http://www.auscert.org.au/10397
Title: AU-2009.0007 -- AusCERT Update - [Solaris] - Security Vulnerability
in the ACL (acl(2)) Implementation for UFS File Systems May Allow a
Local User to Panic the System
Date: 21 January 2009
URL: http://www.auscert.org.au/10403
Title: AL-2009.0006 -- [Win][Mac][OSX] -- QuickTime 7.6 released fixing
multiple vulnerabilities
Date: 21 January 2009
URL: http://www.auscert.org.au/10402
Title: AA-2009.0009 -- [PGP/GPG] -- AusCERT has generated a new PGP/GPG Key
to use for signing and having data encrypted to
Date: 21 January 2009
URL: http://www.auscert.org.au/10404
Title: AA-2009.0008 -- [Win][UNIX/Linux] -- A vulnerability has been
identified in Sophos Anti-Virus
Date: 20 January 2009
URL: http://www.auscert.org.au/10379
External Security Bulletins:
----------------------------
Title: ESB-2008.1162 -- [Win][UNIX/Linux][Debian] -- New phppgadmin packages
fix several vulnerabilities
Date: 21 January 2009
OS: HP Tru64 UNIX, Solaris, IRIX, OpenBSD, Other BSD Variants, FreeBSD,
HP-UX, Ubuntu, Debian GNU/Linux, Other Linux Variants, Red Hat Linux,
AIX, Server 2008, Windows Vista, Windows 2003, Windows 2000, Windows
XP, Mac OS X
URL: http://www.auscert.org.au/10277
Title: ESB-2008.1144 -- [Linux][Ubuntu] -- shadow vulnerability
Date: 21 January 2009
OS: Ubuntu, Debian GNU/Linux, Other Linux Variants, Red Hat Linux
URL: http://www.auscert.org.au/10251
Title: ESB-2008.0892 -- [Solaris] -- Security Vulnerability in the ACL
(acl(2)) Implementation for UFS File Systems May Allow a Local User
to Panic the System
Date: 21 January 2009
OS: Solaris
URL: http://www.auscert.org.au/9861
Title: ESB-2009.0085 -- [UNIX/Linux] -- Multiple vulnerabilities identified
in xine-lib
Date: 23 January 2009
OS: Debian GNU/Linux, Ubuntu, HP Tru64 UNIX, Solaris, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X,
HP-UX, AIX
URL: http://www.auscert.org.au/10410
Title: ESB-2009.0084 -- [Solaris] -- A Solaris Kernel Security Vulnerability
on Systems Using the Sun UltraSPARC T2 and T2+ Processors May Allow
Denial of Service (DoS)
Date: 23 January 2009
OS: Solaris
URL: http://www.auscert.org.au/10409
Title: ESB-2009.0083 -- [Win][Linux][Solaris] -- A Security Vulnerability in
Sun Java System Application Server May Expose an Application's
WEB-INF and META-INF Content
Date: 23 January 2009
OS: Windows Vista, Red Hat Linux, Server 2008, Windows XP, Other Linux
Variants, Windows 2000, Windows 2003, Debian GNU/Linux, Ubuntu,
Solaris
URL: http://www.auscert.org.au/10408
Title: ESB-2009.0082 -- [RedHat] -- Important: kernel security and bug fix
update
Date: 22 January 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/10405
Title: ESB-2009.0081 -- [Win] -- QuickTime MPEG-2 Playback Component
Date: 22 January 2009
OS: Windows XP, Windows Vista
URL: http://www.auscert.org.au/10401
Title: ESB-2009.0080 -- [Cisco] -- Cisco Unified Communications Manager CAPF
Denial of Service Vulnerability
Date: 22 January 2009
OS: Cisco Products
URL: http://www.auscert.org.au/10398
Title: ESB-2009.0079 -- [Solaris] -- A Security Vulnerability in the
vncviewer(1) RFB Protocol Validation May Allow Execution of Arbitrary
Code and Lead to a Denial of Service (DoS)
Date: 21 January 2009
OS: Solaris
URL: http://www.auscert.org.au/10396
Title: ESB-2009.0078 -- [Win][Linux][Solaris] -- A Security Vulnerability in
Sun Java System Access Manager May Allow Privilege Escalation of
Sub-Realm Administrators
Date: 21 January 2009
OS: Solaris, Ubuntu, Debian GNU/Linux, Windows 2003, Windows 2000, Other
Linux Variants, Windows XP, Server 2008, Red Hat Linux, Windows Vista
URL: http://www.auscert.org.au/10395
Title: ESB-2009.0077 -- [Win][UNIX/Linux][HP-UX][Solaris] -- Security
Vulnerability in Sun Java System Access Manager May Allow
Unauthorized Access Through Revealed Passwords
Date: 21 January 2009
OS: Solaris, Ubuntu, Debian GNU/Linux, Windows 2003, Windows 2000, Other
Linux Variants, Windows XP, Server 2008, Red Hat Linux, HP-UX,
Windows Vista
URL: http://www.auscert.org.au/10394
Title: ESB-2009.0076 -- [Win] -- Microsoft Windows Does Not Disable AutoRun
Properly
Date: 21 January 2009
OS: Windows 2003, Windows 2000, Windows XP, Server 2008, Windows Vista
URL: http://www.auscert.org.au/10393
Title: ESB-2009.0075 -- [UNIX/Linux][RedHat] -- Low: dovecot security and
bug fix update
Date: 21 January 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X,
HP-UX, AIX
URL: http://www.auscert.org.au/10392
Title: ESB-2009.0074 -- [RedHat] -- Important: Red Hat Enterprise Linux 5.3
kernel security and bug fix update
Date: 21 January 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/10391
Title: ESB-2009.0073 -- [Win][Linux][HP-UX][Solaris] -- HP OpenView Network
Node Manager (OV NNM), Remote Execution of Arbitrary Code
Date: 21 January 2009
OS: Solaris, Ubuntu, Debian GNU/Linux, Windows 2003, Windows 2000, Other
Linux Variants, Windows XP, Server 2008, Red Hat Linux, HP-UX,
Windows Vista
URL: http://www.auscert.org.au/10390
Title: ESB-2009.0072 -- [Solaris] -- Incorrect Software Setting Prior to
Shipping on Certain Sun SPARC M4000/M5000 Servers May Allow
Unauthorized Access
Date: 21 January 2009
OS: Solaris
URL: http://www.auscert.org.au/10389
Title: ESB-2009.0071 -- [Win][UNIX/Linux][Debian] -- New Git packages fix
remote code execution
Date: 20 January 2009
OS: Windows Vista, Mac OS X, Red Hat Linux, Server 2008, Windows XP,
Other Linux Variants, FreeBSD, Windows 2000, OpenBSD, Windows 2003,
Other BSD Variants, Debian GNU/Linux, Ubuntu, Solaris
URL: http://www.auscert.org.au/10377
Title: ESB-2009.0070 -- [UNIX/Linux][RedHat] -- Important: squirrelmail
security update
Date: 20 January 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X,
HP-UX, AIX
URL: http://www.auscert.org.au/10376
Title: ESB-2009.0069 -- [UNIX/Linux] -- A vulnerability in KDM may allow a
local user to cause a Denial of Service
Date: 19 January 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, HP-UX,
AIX
URL: http://www.auscert.org.au/10375
Title: ESB-2009.0068 -- [Win][UNIX/Linux] -- Several vulnerabilities have
been discovered in ffmpeg
Date: 19 January 2009
OS: HP Tru64 UNIX, Solaris, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X, HP-UX,
AIX, Windows Vista
URL: http://www.auscert.org.au/10374
Title: ESB-2009.0067 -- [Win] -- Symantec AppStream Client LaunchObj ActiveX
Vulnerability
Date: 19 January 2009
OS: Windows 2003, Windows 2000, Windows XP, Server 2008, Windows Vista
URL: http://www.auscert.org.au/10372
Title: ESB-2009.0066 -- [Solaris] -- A Security Vulnerability in the libxml2
Library May Lead to Denial of Service (DoS)
Date: 19 January 2009
OS: Solaris
URL: http://www.auscert.org.au/10371
Title: ESB-2009.0065 -- [Cisco] -- Cisco IOS and ASA: MD5 Hashes May Allow
for Certificate Spoofing
Date: 19 January 2009
OS: Cisco Products
URL: http://www.auscert.org.au/10370
Title: ESB-2009.0061 -- [UNIX/Linux][Debian] -- New amarok packages fix
arbitrary code execution
Date: 21 January 2009
OS: AIX, HP-UX, Mac OS X, Red Hat Linux, Other Linux Variants, FreeBSD,
OpenBSD, IRIX, Other BSD Variants, Debian GNU/Linux, Ubuntu, HP Tru64
UNIX, Solaris
URL: http://www.auscert.org.au/10363
Title: ESB-2009.0055 -- [Solaris] -- Security Vulnerabilities in the Solaris
lpadmin(1M) and ppdmgr(1M) Utilities May Lead to a Denial of Service
(DoS) Condition
Date: 21 January 2009
OS: Solaris
URL: http://www.auscert.org.au/10355
Title: ESB-2009.0054 -- [Solaris] -- Security Vulnerability Relating to the
posix_fallocate(3C) System Call May Lead to a Denial of Service (DoS)
Date: 20 January 2009
OS: Solaris
URL: http://www.auscert.org.au/10354
Title: ESB-2009.0048 -- [UNIX/Linux][Ubuntu] -- HPLIP vulnerability
Date: 20 January 2009
OS: AIX, HP-UX, Mac OS X, Red Hat Linux, Other Linux Variants, FreeBSD,
OpenBSD, IRIX, Other BSD Variants, Debian GNU/Linux, Ubuntu, HP Tru64
UNIX, Solaris
URL: http://www.auscert.org.au/10348