[AusNOG] AusCERT Week in Review - Week Ending 06/03/2009 (AUSCERT#20073f686)
Jonathan Levine
jonathan at auscert.org.au
Fri Mar 6 16:16:00 EST 2009
AusCERT Week in Review
06 March 2009
Papers, Articles and other documents:
-------------------------------------
Title: Skeleton DDoS Mitigation Procedure
Date: 04 March 2009
URL: http://www.auscert.org.au/10590
Web Log Entries:
----------------
Title: Another day... another browser vulnerability.
Date: 05 March 2009
URL: http://www.auscert.org.au/10602
Alerts, Advisories and Updates:
-------------------------------
Title: AA-2009.0051 -- [Win][UNIX/Linux] -- A vulnerability has been
identified in IBM Websphere Application Server
Date: 06 March 2009
URL: http://www.auscert.org.au/10599
Title: AA-2009.0052 -- [Win][Linux][HP-UX][Solaris][AIX] -- A number of
vulnerabilities have been identified in IBM DB2
Date: 06 March 2009
URL: http://www.auscert.org.au/10600
Title: AA-2009.0049 -- [Win][UNIX/Linux] -- An update has been released for
OpenSC
Date: 05 March 2009
URL: http://www.auscert.org.au/10593
Title: AL-2009.0015 -- [Win][UNIX/Linux] -- A number of vulnerabilities have
been identified in Mozilla Firefox, SeaMonkey and Thunderbird
Date: 05 March 2009
URL: http://www.auscert.org.au/10591
Title: AA-2009.0050 -- [UNIX/Linux] -- A vulnerability has been identified
in Nagios
Date: 05 March 2009
URL: http://www.auscert.org.au/10594
Title: AL-2009.0007 -- [Win][UNIX/Linux] -- Updates available for Firefox,
ThunderBird and SeaMonkey
Date: 04 March 2009
URL: http://www.auscert.org.au/10457
Title: AL-2009.0014 -- [UNIX/Linux] -- Squid Proxy Cache Security Update
Advisory
Date: 04 March 2009
URL: http://www.auscert.org.au/10464
Title: AA-2009.0047 -- [Win][UNIX/Linux] -- A vulnerability has been found
in libsndfile used by Winamp
Date: 04 March 2009
URL: http://www.auscert.org.au/10582
Title: AU-2009.0011 -- AusCERT Update - [Appliance] - Blue Coat Update -
Intercepting proxy servers may incorrectly rely on HTTP headers to
make connections
Date: 04 March 2009
URL: http://www.auscert.org.au/10583
Title: AA-2009.0048 -- [Win][UNIX/Linux] -- Opera 9.64 has been released
correcting multiple security vulnerabilities
Date: 04 March 2009
URL: http://www.auscert.org.au/10584
Title: AA-2009.0045 -- [Win][UNIX/Linux] -- PHP 5.2.9 released
Date: 03 March 2009
URL: http://www.auscert.org.au/10574
Title: AA-2009.0046 -- [Win][Netware][UNIX/Linux] -- Vulnerability
identified in Novell eDirectory
Date: 03 March 2009
URL: http://www.auscert.org.au/10578
Title: AU-2009.0010 -- AusCERT Update - [Debian] - [DSA 1719-2] New GNUTLS
packages fix regression
Date: 02 March 2009
URL: http://www.auscert.org.au/10575
Title: AA-2009.0044 -- [Win][UNIX/Linux] -- Joomla!: multiple
vulnerabilities
Date: 02 March 2009
URL: http://www.auscert.org.au/10569
External Security Bulletins:
----------------------------
Title: ESB-2009.0209 -- [Appliance] -- Time Capsule and AirPort Base Station
(802.11n*) Firmware 7.4.1
Date: 06 March 2009
OS: Mac OS X
URL: http://www.auscert.org.au/10601
Title: ESB-2009.0208 -- [UNIX/Linux] -- Multiple vulnerabilities identified
in php
Date: 06 March 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X, HP-UX,
AIX, Windows Vista
URL: http://www.auscert.org.au/10598
Title: ESB-2009.0207 -- [Solaris] -- A Security Vulnerability With the
Solaris Crypto Driver May Cause a System Panic
Date: 06 March 2009
OS: Solaris
URL: http://www.auscert.org.au/10597
Title: ESB-2009.0206 -- [Solaris] -- Cross Site Scripting (XSS)
Vulnerability in Sun Management Center (SunMC) Performance Reporting Module
Date: 06 March 2009
OS: Solaris
URL: http://www.auscert.org.au/10596
Title: ESB-2009.0205 -- [Debian] -- New opensc packages fix information
disclosure
Date: 06 March 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/10595
Title: ESB-2009.0204 -- [RedHat] -- Critical: firefox and seamonkey security
updates
Date: 05 March 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/10592
Title: ESB-2009.0203 -- [Cisco] -- Cisco 7600 Series Router Session Border
Controller Denial of Service Vulnerability
Date: 05 March 2009
OS: Cisco Products
URL: http://www.auscert.org.au/10589
Title: ESB-2009.0202 -- [RedHat] -- Moderate: libpng security update
Date: 05 March 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/10588
Title: ESB-2009.0201 -- [Win][UNIX/Linux][RedHat] -- Moderate: wireshark
security update
Date: 05 March 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, FreeBSD, Other Linux Variants, Windows XP,
Server 2008, Red Hat Linux, Mac OS X, HP-UX, AIX, Windows Vista
URL: http://www.auscert.org.au/10587
Title: ESB-2009.0200 -- [UNIX/Linux][Ubuntu] -- network-manager-applet and
network-manager vulnerabilities
Date: 04 March 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X,
HP-UX, AIX
URL: http://www.auscert.org.au/10586
Title: ESB-2009.0199 -- [Win][UNIX/Linux] -- libpng vulnerability - libpng
fails to properly initialize element pointers
Date: 04 March 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X, HP-UX,
AIX, Windows Vista
URL: http://www.auscert.org.au/10585
Title: ESB-2009.0198 -- [Win][UNIX/Linux][Ubuntu] -- curl vulnerability
Date: 04 March 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X, HP-UX,
AIX, Windows Vista
URL: http://www.auscert.org.au/10581
Title: ESB-2009.0197 -- [Win][UNIX/Linux][Debian] -- New squid3 packages fix
denial of service
Date: 04 March 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X, HP-UX,
AIX, Windows Vista
URL: http://www.auscert.org.au/10580
Title: ESB-2009.0196 -- [UNIX/Linux][Debian] -- New vim packages fix
multiple vulnerabilities
Date: 04 March 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X,
HP-UX, AIX
URL: http://www.auscert.org.au/10579
Title: ESB-2009.0195 -- [Appliance] -- Nortel Response to OpenSSL
'EVP_VerifyFinal' Function Signature Verification Vulnerability
Date: 03 March 2009
URL: http://www.auscert.org.au/10577
Title: ESB-2009.0194 -- [Linux] -- SUSE Update for Multiple Packages
Date: 03 March 2009
OS: Other Linux Variants
URL: http://www.auscert.org.au/10576
Title: ESB-2009.0193 -- [Debian] -- New ndiswrapper packages fix arbitrary
code execution vulnerability
Date: 03 March 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/10573
Title: ESB-2009.0192 -- [Debian] -- New proftpd-dfsg packages fix SQL
injection vulnerabilities
Date: 03 March 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/10572
Title: ESB-2009.0191 -- [Debian] -- New gst-plugins-bad0.10 packages fix
multiple vulnerabilities
Date: 03 March 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/10571
Title: ESB-2009.0190 -- [RedHat] -- Low: Red Hat Enterprise Linux 2.1 - 3
Month End Of Life Notice
Date: 03 March 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/10570
Title: ESB-2009.0189 -- [Win][UNIX/Linux] -- Taxonomy Theme (Drupal
Third-party module) - Cross site scripting
Date: 02 March 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Server 2008, Red Hat Linux, Mac OS X, HP-UX,
AIX, Windows Vista
URL: http://www.auscert.org.au/10568
Title: ESB-2009.0188 -- [UNIX/Linux][Debian] -- New dkim-milter packages fix
denial of service
Date: 02 March 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X,
HP-UX, AIX
URL: http://www.auscert.org.au/10567
Title: ESB-2009.0155 -- [HP-UX] -- HP-UX Running Apache Web Server Suite,
Remote Denial of Service (DoS), Cross-site Scripting (XSS), Execution
of Arbitrary Code, Cross-Site Request Forgery (CSRF)
Date: 03 March 2009
OS: HP-UX
URL: http://www.auscert.org.au/10509
Title: ESB-2009.0142 -- [Debian] -- New gnutls13 packages fix certificate
validation
Date: 03 March 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/10489
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================