[AusNOG] AusCERT Week in Review - Week Ending 08/05/2009 (AUSCERT#20073f686)
Patrick Mannion
patrick at auscert.org.au
Fri May 8 16:11:07 EST 2009
Alerts, Advisories and Updates:
-------------------------------
Title: AA-2009.0110 -- [Win][AIX] -- IBM Tivoli Storage Manager client:
Multiple Vulnerabilities
Date: 08 May 2009
URL: http://www.auscert.org.au/10959
Title: AA-2009.0111 -- [Linux] -- kernel: Inappropriate Access
Date: 08 May 2009
URL: http://www.auscert.org.au/10961
Title: AA-2009.0109 -- [Win][UNIX/Linux] -- MySQL Community Server: Multiple
Vulnerabilities
Date: 06 May 2009
URL: http://www.auscert.org.au/10951
Title: AU-2009.0020 -- AusCERT Update - [Win][Linux][HP-UX][Solaris] - HP
OpenView Network Node Manager - denial of service vulnerability
Date: 05 May 2009
URL: http://www.auscert.org.au/10946
External Security Bulletins:
----------------------------
Title: ESB-2008.0962 -- [Win][Linux][HP-UX][Solaris] -- HP OpenView Network
Node Manager - denial of service vulnerability
Date: 05 May 2009
OS: Solaris, HP-UX, Ubuntu, Debian GNU/Linux, Other Linux Variants, Red Hat
Linux, Windows Server 2008, Windows Vista, Windows 2003, Windows 2000,
Windows XP
URL: http://www.auscert.org.au/9948
Title: ESB-2009.0450 -- [UNIX/Linux] -- zsh: Denial of Service
Date: 08 May 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X,
HP-UX, AIX
URL: http://www.auscert.org.au/10965
Title: ESB-2009.0449 -- [Debian] -- libwmf: Execute Arbitrary Code
Date: 08 May 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/10964
Title: ESB-2009.0448 -- [UNIX/Linux][Debian] -- ldns: Execute Arbitrary Code
Date: 08 May 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X,
HP-UX, AIX
URL: http://www.auscert.org.au/10963
Title: ESB-2009.0447 -- [RedHat] -- kernel: Multiple vulnerabilities
Date: 08 May 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/10962
Title: ESB-2009.0446 -- [RedHat] -- acpid: Denial of Service
Date: 08 May 2009
OS: Red Hat Linux
URL: http://www.auscert.org.au/10960
Title: ESB-2009.0445 -- [Debian] -- Linux 2.6.18: Multiple Vulnerabilities
Date: 07 May 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/10958
Title: ESB-2009.0444 -- [Debian] -- kdegraphics: Multiple Vulnerabilities
Date: 07 May 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/10957
Title: ESB-2009.0443 -- [Debian] -- drupal6: Multiple Vulnerabilities
Date: 07 May 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/10956
Title: ESB-2009.0442 -- [UNIX/Linux][Debian] -- moin: Cross-site Scripting
Date: 07 May 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X,
HP-UX, AIX
URL: http://www.auscert.org.au/10955
Title: ESB-2009.0441 -- [Win] -- NuPoint Messenger server: Access Confidential
Data
Date: 07 May 2009
OS: Windows 2003, Windows 2000, Windows XP, Windows Server 2008, Windows
Vista
URL: http://www.auscert.org.au/10954
Title: ESB-2009.0440 -- [Ubuntu] -- ClamAV: Reduced Security
Date: 06 May 2009
OS: Ubuntu
URL: http://www.auscert.org.au/10953
Title: ESB-2009.0439 -- [RedHat][SUSE] -- Insight Control Suite For Linux
(ICE-LX): Multiple Vulnerabilities
Date: 06 May 2009
OS: Other Linux Variants, Red Hat Linux
URL: http://www.auscert.org.au/10952
Title: ESB-2009.0438 -- [Debian] -- xpdf: multiple vulnerabilities
Date: 06 May 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/10950
Title: ESB-2009.0437 -- [UNIX/Linux][Debian] -- quagga: Denial of Service
Date: 05 May 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, OpenBSD, FreeBSD, Other Linux Variants, Red Hat Linux, Mac OS X,
HP-UX, AIX
URL: http://www.auscert.org.au/10949
Title: ESB-2009.0436 -- [Win][UNIX/Linux] -- Jetty HTTP server: Inappropriate
Access
Date: 05 May 2009
OS: Solaris, HP Tru64 UNIX, Ubuntu, Debian GNU/Linux, Other BSD Variants,
IRIX, Windows 2003, OpenBSD, Windows 2000, FreeBSD, Other Linux
Variants, Windows XP, Windows Server 2008, Red Hat Linux, Mac OS X,
HP-UX, AIX, Windows Vista
URL: http://www.auscert.org.au/10948
Title: ESB-2009.0435 -- [Debian] -- php5: Multiple Vulnerabilities
Date: 05 May 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/10947
Title: ESB-2009.0434 -- [Win][Linux][HP-UX][Solaris] -- HP OpenView Network
Node Manager: Execute Arbitrary Code
Date: 05 May 2009
OS: Solaris, Ubuntu, Debian GNU/Linux, Windows 2003, Windows 2000, Other
Linux Variants, Windows XP, Windows Server 2008, Red Hat Linux, HP-UX,
Windows Vista
URL: http://www.auscert.org.au/10945
Title: ESB-2009.0433 -- [Win][Linux] -- Flash Media Server: Execute Arbitrary
Code/Commands
Date: 04 May 2009
OS: Ubuntu, Debian GNU/Linux, Windows 2003, Windows 2000, Other Linux
Variants, Windows XP, Windows Server 2008, Red Hat Linux, Windows Vista
URL: http://www.auscert.org.au/10944
Title: ESB-2009.0432 -- [Debian] -- acpid: Denial of Service
Date: 04 May 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/10943
Title: ESB-2009.0431 -- [Debian] -- linux-2.6.24: Multiple Vulnerabilities
Date: 04 May 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/10942
Title: ESB-2009.0430 -- [Win][Netware][Linux] -- Symantec Reporting Server:
Provide Misleading Information
Date: 04 May 2009
OS: Ubuntu, Debian GNU/Linux, Windows 2003, Windows 2000, Other Linux
Variants, Windows XP, Windows Server 2008, Red Hat Linux, Novell
Netware, Windows Vista
URL: http://www.auscert.org.au/10941
Title: ESB-2009.0429 -- [Debian] -- wireshark: Multiple Vulnerabilities
Date: 04 May 2009
OS: Debian GNU/Linux
URL: http://www.auscert.org.au/10940
Title: ESB-2009.0428 -- [FreeBSD] -- FreeBSD 7.0: end-of-life notification
Date: 04 May 2009
OS: FreeBSD
URL: http://www.auscert.org.au/10939
Title: ESB-2009.0427 -- [HP-UX][Tru64][Solaris][AIX] -- ARCserve: Multiple
Vulnerabilities
Date: 04 May 2009
OS: Solaris, HP Tru64 UNIX, HP-UX, AIX
URL: http://www.auscert.org.au/10938
Title: ESB-2009.0422 -- [Solaris] -- ASN.1 Printing: Denial of Service
Date: 06 May 2009
OS: Solaris
URL: http://www.auscert.org.au/10931
Title: ESB-2009.0416 -- [Win][UNIX/Linux] -- Drupal core and Drupal
third-party modules: Multiple Vulnerabilities
Date: 04 May 2009
OS: Windows Vista, AIX, HP-UX, Mac OS X, Red Hat Linux, Windows Server
2008, Windows XP, Other Linux Variants, FreeBSD, OpenBSD, Windows 2003,
IRIX, Other BSD Variants, Debian GNU/Linux, Ubuntu, HP Tru64 UNIX,
Solaris
URL: http://www.auscert.org.au/10924
Title: ESB-2009.0035 -- [Solaris] -- The Solaris rpc.metad(1M) Daemon is
Vulnerable to a Denial of Service (DoS) Attack
Date: 06 May 2009
OS: Solaris
URL: http://www.auscert.org.au/10329
===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072
Internet Email: auscert at auscert.org.au
Facsimile: (07) 3365 7031
Telephone: (07) 3365 4417 (International: +61 7 3365 4417)
AusCERT personnel answer during Queensland business hours
which are GMT+10:00 (AEST).
On call after hours for member emergencies only.
===========================================================================
More information about the AusNOG
mailing list