[AusNOG] AusCERT Week in Review - Week Ending 12/06/2009 (AUSCERT#20073f686)
Paul Fahey
paul at auscert.org.au
Fri Jun 12 16:11:39 EST 2009
Alerts, Advisories and Updates:
-------------------------------
Title: AA-2009.0140 -- [Win][UNIX/Linux] -- Ruby: Denial of Service
Date: 12 June 2009
URL: http://www.auscert.org.au/11135
Title: AA-2009.0143 -- [Appliance] -- f5 FirePass: Cross-site Scripting
Date: 12 June 2009
URL: http://www.auscert.org.au/11142
Title: AA-2009.0144 -- [Win][UNIX/Linux] -- MoinMoin: Inappropriate Access
Date: 12 June 2009
URL: http://www.auscert.org.au/11146
Title: AL-2009.0051 -- [Win][UNIX/Linux] -- Firefox, Seamonkey and
Thunderbird: Multiple Vulnerabilities
Date: 12 June 2009
URL: http://www.auscert.org.au/11139
Title: AA-2009.0141 -- [Win] -- Google Chrome: Multiple Vulnerabilities
Date: 11 June 2009
URL: http://www.auscert.org.au/11136
Title: AA-2009.0142 -- [Win] -- Novell Client: Reduced Security
Date: 11 June 2009
URL: http://www.auscert.org.au/11137
Title: AU-2009.0024 -- AusCERT Update - [Solaris][OpenSolaris] - Updated -
ASN.1 Printing: Denial of Service
Date: 10 June 2009
URL: http://www.auscert.org.au/11125
Title: AL-2009.0045 -- [Win] -- Active Directory: Execute Arbitrary Code
Date: 10 June 2009
URL: http://www.auscert.org.au/11112
Title: AL-2009.0046 -- [Win] -- Windows Print Spooler: Execute Arbitrary
Code
Date: 10 June 2009
URL: http://www.auscert.org.au/11113
Title: AL-2009.0047 -- [Win] -- Internet Explorer: Execute Arbitrary Code
Date: 10 June 2009
URL: http://www.auscert.org.au/11114
Title: AL-2009.0048 -- [Win][Mac][OSX] -- Microsoft Office Word: Execute
Arbitrary Code
Date: 10 June 2009
URL: http://www.auscert.org.au/11115
Title: AL-2009.0049 -- [Win][Mac][OSX] -- Microsoft Office Excel - Execute
Arbitrary Code
Date: 10 June 2009
URL: http://www.auscert.org.au/11116
Title: AL-2009.0050 -- [Win] -- Microsoft Works Converters: Execute
Arbitrary
Code
Date: 10 June 2009
URL: http://www.auscert.org.au/11117
Title: AA-2009.0134 -- [Linux] -- strongSwan: Denial of Service
Date: 09 June 2009
URL: http://www.auscert.org.au/11083
Title: AA-2009.0136 -- [Win][UNIX/Linux] -- Joomla!: Cross-site Scripting
Date: 09 June 2009
URL: http://www.auscert.org.au/11093
Title: AL-2009.0044 -- [Win][Mac][OSX] -- Microsoft Bulletin Notification -
June Pre-release Announcement
Date: 09 June 2009
URL: http://www.auscert.org.au/11108
Title: AA-2009.0137 -- [Appliance][Cisco] -- Cisco IronPort: Cross-Site
Scripting
Date: 09 June 2009
URL: http://www.auscert.org.au/11109
Title: AA-2009.0138 -- [AIX] -- Portmapper: Denial of Service
Date: 09 June 2009
URL: http://www.auscert.org.au/11110
Title: AA-2009.0139 -- [Win][UNIX/Linux] -- libpng: Reduced Security
Date: 09 June 2009
URL: http://www.auscert.org.au/11111
Title: AL-2009.0043 -- [Win] -- HP DDMI: Inappropriate access
Date: 08 June 2009
URL: http://www.auscert.org.au/11103
External Security Bulletins:
----------------------------
Title: ESB-2008.0687 -- [Win][HP-UX][Solaris] -- HP OpenView Network Node
Manager - Multiple vulnerabilities
Date: 11 June 2009
OS: Solaris, HP-UX, Red Hat Linux, Windows Server 2008, Windows Vista,
Windows 2003, Windows 2000, Windows XP
URL: http://www.auscert.org.au/9563
Title: ESB-2009.0564 -- [OpenSolaris] -- CUPS: Execute Arbitrary Code
Date: 12 June 2009
OS: Solaris
URL: http://www.auscert.org.au/11145
Title: ESB-2009.0563 -- [Solaris][OpenSolaris] -- GnuTLS: Provide Misleading
Information
Date: 12 June 2009
OS: Solaris
URL: http://www.auscert.org.au/11144
Title: ESB-2009.0562 -- [OpenSolaris] -- smbfs: Read-only Data Access
Date: 12 June 2009
OS: Solaris
URL: http://www.auscert.org.au/11143
Title: ESB-2009.0561 -- [RedHat] -- Seamonkey: Multiple Vulnerabilities
Date: 12 June 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/11141
Title: ESB-2009.0560 -- [RedHat] -- Firefox: Multiple Vulnerabilities
Date: 12 June 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/11140
Title: ESB-2009.0559 -- [Win][UNIX/Linux] -- Apache Tomcat: Inappropriate
Access
Date: 11 June 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Windows Server 2008, Red Hat Linux, Mac OS X,
HP-UX, AIX, Windows Vista
URL: http://www.auscert.org.au/11138
Title: ESB-2009.0558 -- [Solaris][OpenSolaris] -- rpc.nisd Daemon: Denial of
Service
Date: 12 June 2009
OS: Solaris
URL: http://www.auscert.org.au/11134
Title: ESB-2009.0557 -- [Ubuntu] -- Quagga: Denial of Service
Date: 11 June 2009
OS: Ubuntu
URL: http://www.auscert.org.au/11133
Title: ESB-2009.0556 -- [FreeBSD] -- ntpd: Execute Arbitrary Code
Date: 11 June 2009
OS: FreeBSD
URL: http://www.auscert.org.au/11132
Title: ESB-2009.0555 -- [FreeBSD] -- IPv6: Inappropriate Access
Date: 11 June 2009
OS: FreeBSD
URL: http://www.auscert.org.au/11131
Title: ESB-2009.0554 -- [FreeBSD] -- Kernel: Read-only Data Access
Date: 11 June 2009
OS: FreeBSD
URL: http://www.auscert.org.au/11130
Title: ESB-2009.0553 -- [Win][UNIX/Linux] -- Drupal third-party modules:
Multiple Vulnerabilities
Date: 11 June 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Windows Server 2008, Red Hat Linux, Mac OS X,
HP-UX, AIX, Windows Vista
URL: http://www.auscert.org.au/11129
Title: ESB-2009.0552 -- [HP-UX] -- HP-UX Running OpenSSL: Multiple
Vulnerabilities
Date: 11 June 2009
OS: HP-UX
URL: http://www.auscert.org.au/11128
Title: ESB-2009.0551-- [Linux][Ubuntu] -- eCryptfs: Access Confidential Data
Date: 11 June 2009
OS: Ubuntu, Debian GNU/Linux, Other Linux Variants, Red Hat Linux
URL: http://www.auscert.org.au/11106
Title: ESB-2009.0550-- [Win][UNIX/Linux][Ubuntu] -- ImageMagick: Execute
Arbitrary Code
Date: 11 June 2009
OS: HP Tru64 UNIX, Solaris, IRIX, OpenBSD, Other BSD Variants, FreeBSD,
HP-UX, Ubuntu, Debian GNU/Linux, Other Linux Variants, Red Hat Linux,
AIX, Windows Server 2008, Windows Vista, Windows 2003, Windows 2000,
Windows XP, Mac OS X
URL: http://www.auscert.org.au/11127
Title: ESB-2009.0549-- [SUSE] -- Kernel: Multiple Vulnerabilities
Date: 11 June 2009
OS: Other Linux Variants
URL: http://www.auscert.org.au/11126
Title: ESB-2009.0548-- [Win][Linux][HP-UX][Solaris] -- HP OpenView Network
Node Manager: Execute Arbitrary Code
Date: 11 June 2009
OS: HP Tru64 UNIX, Solaris, Ubuntu, Debian GNU/Linux, Other Linux
Variants,
Red Hat Linux, Windows Server 2008, Windows Vista, Windows 2003,
Windows 2000, Windows XP
URL: http://www.auscert.org.au/11124
Title: ESB-2009.0547-- [RedHat] -- mod_jk: Access Privileged Data
Date: 11 June 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/11123
Title: ESB-2009.0546-- [Win][Mac][OSX] -- Adobe Reader and Acrobat: Multiple
Vulnerabilities
Date: 11 June 2009
OS: Windows Server 2008, Windows Vista, Windows 2003, Windows 2000,
Windows
XP, Mac OS X
URL: http://www.auscert.org.au/11122
Title: ESB-2009.0545-- [Win] -- Windows Search: Execute Arbitrary Code
Date: 11 June 2009
OS: Windows 2003, Windows XP
URL: http://www.auscert.org.au/11121
Title: ESB-2009.0544-- [Win] -- Internet Information Services (IIS):
Increased
Privileges
Date: 11 June 2009
OS: Windows 2003, Windows 2000, Windows XP
URL: http://www.auscert.org.au/11120
Title: ESB-2009.0543-- [Win] -- Windows Kernel: Increased Privileges
Date: 11 June 2009
OS: Windows Server 2008, Windows Vista, Windows 2003, Windows 2000,
Windows
XP
URL: http://www.auscert.org.au/11119
Title: ESB-2009.0542-- [Win] -- Windows Remote Procedure Call: Increased
Privileges
Date: 11 June 2009
OS: Windows Server 2008, Windows Vista, Windows 2003, Windows 2000,
Windows
XP
URL: http://www.auscert.org.au/11118
Title: ESB-2009.0541-- [Win][Mac][OSX] -- Safari: Multiple Vulnerabilities
Date: 11 June 2009
OS: Windows Vista, Windows XP, Mac OS X
URL: http://www.auscert.org.au/11107
Title: ESB-2009.0540-- [Debian] -- evolution-data-server: Multiple
Vulnerablities
Date: 11 June 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/11105
Title: ESB-2009.0539-- [UNIX/Linux] -- libmodplug: Execute arbitrary code
Date: 11 June 2009
OS: HP Tru64 UNIX, Solaris, IRIX, OpenBSD, Other BSD Variants, FreeBSD,
HP-UX, Ubuntu, Debian GNU/Linux, Other Linux Variants, Red Hat Linux,
AIX, Mac OS X
URL: http://www.auscert.org.au/11104
Title: ESB-2009.0538-- [Solaris][OpenSolaris] -- ifconfig: Denial of service
Date: 11 June 2009
OS: Solaris
URL: http://www.auscert.org.au/11102
Title: ESB-2009.0537-- [Appliance] -- Sun StorageTek SMC: Denial of service
Date: 11 June 2009
OS: Solaris
URL: http://www.auscert.org.au/11101
Title: ESB-2009.0536-- [OpenSolaris] -- idmap: Denial of service
Date: 11 June 2009
OS: Solaris
URL: http://www.auscert.org.au/11100
Title: ESB-2009.0535-- [Win][UNIX/Linux] -- Apache Tomcat: Modify Arbitrary
Files
Date: 11 June 2009
OS: HP Tru64 UNIX, Solaris, IRIX, OpenBSD, Other BSD Variants, FreeBSD,
HP-UX, Ubuntu, Debian GNU/Linux, Other Linux Variants, Red Hat Linux,
AIX, Windows Server 2008, Windows Vista, Windows 2003, Windows 2000,
Windows XP, Mac OS X
URL: http://www.auscert.org.au/11097
Title: ESB-2009.0534-- [Win][UNIX/Linux][Solaris] -- Sun Java System Web
Server 6.1 Reverse Proxy Plug-in: Execute Arbitrary Code
Date: 11 June 2009
OS: HP Tru64 UNIX, Solaris, IRIX, OpenBSD, Other BSD Variants, FreeBSD,
HP-UX, Ubuntu, Debian GNU/Linux, Other Linux Variants, Red Hat Linux,
AIX, Windows Server 2008, Windows Vista, Windows 2003, Windows 2000,
Windows XP, Mac OS X
URL: http://www.auscert.org.au/11096
Title: ESB-2009.0533 -- [Solaris][OpenSolaris] -- Solaris Kerberos
Credential
Management: Inappropriate Access
Date: 09 June 2009
OS: Solaris
URL: http://www.auscert.org.au/11095
Title: ESB-2009.0532 -- [Win][UNIX/Linux][Debian] -- apr-util: Denial of
Service
Date: 11 June 2009
OS: Windows Vista, Windows Server 2008, Windows XP, Windows 2000, Windows
2003, Debian GNU/Linux
URL: http://www.auscert.org.au/11094
Title: ESB-2009.0489 -- [Solaris] -- Third-party Applications Using GSS-API:
Execute Arbitrary Code
Date: 08 June 2009
OS: Solaris
URL: http://www.auscert.org.au/11022
Title: ESB-2009.0466-- [Win][UNIX/Linux] -- Drupal third-party modules:
Multiple Vulnerabilities
Date: 11 June 2009
OS: HP Tru64 UNIX, Solaris, IRIX, OpenBSD, Other BSD Variants, FreeBSD,
HP-UX, Ubuntu, Debian GNU/Linux, Other Linux Variants, Red Hat Linux,
AIX, Windows Server 2008, Windows Vista, Windows 2003, Windows 2000,
Windows XP, Mac OS X
URL: http://www.auscert.org.au/10990
Title: ESB-2009.0458 -- [Win][Linux][Solaris][AIX] -- Sun GlassFish
Enterprise
Server and Sun Java System Application Server: Execute Arbitrary Code
Date: 11 June 2009
OS: Solaris, Ubuntu, Debian GNU/Linux, Other Linux Variants, Red Hat
Linux,
AIX, Windows Server 2008, Windows Vista, Windows 2003, Windows 2000,
Windows XP, Mac OS X
URL: http://www.auscert.org.au/10979
Title: ESB-2009.0422 -- [Solaris][OpenSolaris] -- ASN.1 Printing: Denial of
Service
Date: 10 June 2009
OS: Solaris
URL: http://www.auscert.org.au/10931
Title: ESB-2009.0413 -- [Solaris][OpenSolaris] -- DTrace: Denial of Service
Date: 08 June 2009
OS: Solaris
URL: http://www.auscert.org.au/10916
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.ausnog.net/pipermail/ausnog/attachments/20090612/48d16a29/attachment.html>
More information about the AusNOG
mailing list